Top 5 Phishing Scams Targeting Australians in 2025 (And How to Spot Them)

Cybercriminals are becoming smarter, faster, and more convincing — and Australians are prime targets. The most common method attackers use? Phishing.

Understanding the latest phishing scams can protect you, your employees, and your business before it’s too late.

Here’s what’s trending in 2025 — and what you need to watch out for.

1. Deepfake voice cloning scams

Attackers use AI tools to clone voices. They make calls sound like they're from a trusted source in attempts to get victims to give away money or sensitive information. Imagine receiving a voicemail from your "daughter" asking to transfer urgent funds, only it’s not her.

🔎 How to Spot It:

  • Urgent requests and pressure to act immediately.

  • Requests that seem slightly out of character.

  • Poor audio quality, subtle glitches.

  • Always verify requests using legitimate channels (e.g., call directly).

2. AI-generated impersonations

Scammers are using AI to create hyper-realistic impersonations of well-known figures, such as celebrities, politicians, or business leaders. By mimicking trusted voices, they promote fraudulent schemes designed to deceive and exploit their audience.

🔎 How to Spot It:

  • Look out for “investment” schemes promoted by well-known figures.

  • Requests for money or sensitive information.

  • Poor video quality, glitches between audio and video.

  • Remember, if it’s too good to be true, it is!

3. Business Email Compromise (BEC)

Scammers impersonate a known source or trusted person via email and request an urgent payment be made. These emails are highly convincing and tailored, using real names, email signatures, and even referencing current projects or work, making them harder to spot.

🔎 How to Spot It:

  • Sudden, urgent requests involving money or financial information.

  • Slightly altered email addresses (like CEO@yourconpany.com instead of CEO@yourcompany.com).

  • Requests to bypass normal approval processes.

4. Malicious QR codes

Scammers are exploiting the rising adoption of QR codes by distributing malicious QR codes in public spaces or embedding them in phishing emails. The scammer tricks people into visiting malicious websites designed to steal personal data or install malware.

🔎 How to Spot It:

  • Be cautious of QR codes from unknown sources, especially if they appear on physical flyers, emails, or social media.

  • Always verify the event or promotion through official channels before scanning.

  • Avoid scanning QR codes that prompt unusual behaviour, such as automatic redirects or app downloads.

5. Tax scams

With the rise in digital tax lodgements, attackers are sending emails pretending to be from the Australian Taxation Office (ATO), asking recipients to update their information or claim a refund.

🔎 How to Spot It:

  • Directions to click on a link (the ATO will never send an email with a link to log in).

  • Pressure to act immediately.

  • Generic greetings ("Dear Customer").

  • Typos or strange formatting.

Reduce the risk of phishing

At Psyber, we don't just react to threats — we prepare your people to spot them before they strike. Through security awareness training, we help Australian businesses reduce their human risk dramatically.

📞 Ready to Get Started?

The best time to build a strong cybersecurity culture was yesterday. The second-best time? Today.

Book a free consultation with our team now and learn how we can help your business stay safe against cyber threats.

👉 Schedule Your Consultation

Based in Sydney and trusted by businesses nationwide.

Chantelle Ralevska

After protecting Australia's largest organisations (Macquarie Group, Westpac, Woolworths), I've learned that effective cybersecurity training is about connecting with how people think, learn, and behave.

As the Founder and CEO of Psyber, I help businesses like yours transform their employees from their biggest cyber risk into their strongest cyber defence. With over 450,000 employees trained across Australia, our team is trusted by Rest Super, Australian Payments Plus, Mulpha International and more.
