Australians urged to tighten online habits on & off duty

Semperis has urged Australians to tighten everyday online habits at work and at home, warning that cybercriminals increasingly use phishing and other social engineering tactics that target people rather than systems.

Gerry Sillars, Vice President, APJ at Semperis, said attackers continue to manipulate users into opening malicious emails and taking unsafe actions. He described Safer Internet Day as a prompt for individuals and organisations to revisit how they spot and respond to warning signs.

Many organisations invest heavily in security tools and controls, but attackers still look for gaps created by routine behaviour, moments of distraction, and inconsistent processes. Social engineering campaigns often rely on trust and urgency, and can bypass technical defences when a user is persuaded to click a link, open an attachment, or share credentials.

Criminals have refined these tactics in recent years. Messages are now more tailored and less obviously fraudulent. Some campaigns mimic internal business communications, supplier notifications, delivery services, or common consumer brands. Others lean on current events or familiar administrative tasks.

As a result, risk extends beyond specialist IT teams. Employees, contractors, and consumers encounter similar techniques across workplace email, personal inboxes, messaging services, and social media. A compromise can quickly spread from one account to broader access across systems and data, depending on account permissions and the effectiveness of monitoring and controls.

Semperis pointed to common habits attackers exploit. Password reuse remains a persistent weakness across both consumer and corporate accounts. Delayed software updates create openings when known vulnerabilities remain unpatched. Unexpected emails and links can also slip through filters, particularly when criminals use legitimate services or previously compromised accounts to distribute messages.

The financial and personal impact can be significant if a compromise escalates into fraud or identity theft. Semperis cited the ASD Cyber Threat Report 2024-25, which put the average cost of cybercrime in Australia at $33,000 per report for individuals. Incidents can also trigger broader operational disruption when compromised credentials provide access to business systems.

Distraction affects timing as well as behaviour. Criminals often exploit weekends and holiday periods, when staffing levels are lower and response times can slow. Semperis said 52% of ransomware attacks in ANZ over the past 12 months occurred on a weekend or holiday period.

Warning signs

Semperis highlighted indicators people can use to assess suspicious messages, including urgent or threatening language that pushes the recipient to act quickly. Suspicious links and unexpected attachments remain common phishing features. Minor spelling errors in domains or sender details can also signal impersonation, even when branding and formatting look convincing.

These signals can appear across channels, not just email. Attackers increasingly use SMS and messaging apps in so-called smishing campaigns. Social media accounts may also distribute malicious links or gather information for more tailored approaches.

Even when a message appears to come from a known contact, it may not be safe. Compromised accounts can send realistic requests that mirror normal workflows, such as invoice changes, payment redirections, or shared file notifications. That makes verification particularly important for financial transactions or requests involving sensitive data.

Personal habits

The advice aligns with guidance often promoted by Australian government agencies and security organisations. Unique passwords reduce the impact of credential theft from any single account. Multi-factor authentication adds a second step that can block many attacks that rely only on stolen passwords. Regular patching reduces exposure to known vulnerabilities that criminals routinely scan for across consumer devices and corporate endpoints.

For businesses, these individual habits support broader operational discipline. Strong authentication controls, patch management, and clear processes for verifying requests can limit the blast radius of a single compromised user. Security teams may also flag unusual logins, unexpected file access, or anomalous payment requests. These measures work best when users know how to report suspected incidents quickly.

Sillars said the issue affects every user, regardless of technical expertise or the sophistication of an employer's security tools.

"Threat actors continue to target humans in their attacks by manipulating them into opening phishing emails and other social engineering tactics. And no matter how advanced an organisation's technology stack is, we are all the weakest link in the cybersecurity kill chain. Safer Internet Day is a timely reminder for Australians to stay vigilant as cyber threats continue to evolve."

He said attacks increasingly rely on personalised messages and automation that can scale across large numbers of targets while still appearing credible to individuals.

"What makes cyber risk so confronting today is that we can all fall victim. Attacks are no longer obvious or poorly written; they're highly personalised, AI-enabled and designed to exploit trust, urgency and routine behaviours, both at work and at home," he said.

Sillars said small day-to-day changes can reduce risk across personal accounts and business systems.

"On Safer Internet Day, it's a reminder that small actions can make a meaningful difference. Staying alert to common warning signs such as urgent or threatening language in emails, suspicious links or attachments, and minor spelling errors in domains or sender details is one of the best ways to stay safe," he said.

He added that Australians should follow official guidance on core safeguards. "To better protect yourself and your organisation, follow the Australian Government's guidance on cybersecurity best practices, such as unique passwords, multi-factor authentication and regular patching," he said.