Research conducted by Primara reveals that AI-enhanced phishing attacks could affect 1.18 million people over the next year, an increase of 930,000 compared to previous years, as artificial intelligence transforms cybercrime into an unprecedented threat.

Microsoft's latest report shows AI-automated phishing emails achieve a 54% click-through rate compared to just 12% for standard attempts, making them 4.5 times more effective. The technology enables more targeted attacks and sophisticated lures that even savvy users struggle to identify.

The financial incentive for cybercriminals is staggering. AI makes phishing up to 50 times more profitable, virtually guaranteeing increased adoption by bad actors seeking to exploit Australian businesses and individuals.

Company Breaches Escalate Dramatically

The scale of risk extends far beyond individual victims. When businesses fall prey to phishing attacks, the impact multiplies from one person to potentially millions having their data exposed.

Last year saw 147 phishing breaches reported by large Australian organisations, the highest number in five years. This surge coincides directly with AI's exponential growth, suggesting a clear relationship between the two trends.

The data already shows phishing breaches up 60% in 2024 compared with 2023, indicating AI has already increased attack effectiveness despite greater individual awareness.

If company breaches follow Microsoft's projected 4.5-times increase, Australia could see 540 breaches in 2025, up from 147 in 2024. This would impact an estimated 715,500 people through company breaches alone, an increase of 568,353 individuals.

Individuals Face Mounting Threat

Direct attacks on individuals present an equally alarming picture. Scamwatch data shows an average of 103,228 people were scammed via phishing per year over 2023 and 2024. A 4.5-times increase would push this to 464,528 victims, adding 361,299 more people to the casualty list.

Phishing already causes more company reported breaches than any other type of cyber attack. AI's effectiveness will transform it into a critical national security issue.

The challenge is twofold. Businesses must implement robust safeguards to protect customer data, whilst individuals need heightened awareness of AI-generated phishing's sophisticated nature.