New Proofpoint Survey Reveals Australia’s High-Profile Breaches Improved Employee Cyber Hygiene but More Needs to be Done


Sydney, AUSTRALIA - 30 May 2023 – Proofpoint, Inc., a leading cybersecurity and compliance company, today released the results of a new report to understand the kinds of scam communications commonly received by Australian workers and whether recent high-profile attacks have influenced them to improve their approach to cyber hygiene.  

The 2023 Australian User Risk Report found that while many Australian companies have responded to the attacks and newly proposed legislation by reviewing their controls and making changes to their cybersecurity postures, complacency remains among employees, putting many organisations at substantial risk.

This study, which surveyed 1,017 working adults based in Australia, found that 87% of Australian workers changed their behaviour, with improvements in cyber hygiene, because of the recent attacks. While this may seem encouraging, nearly one in five (17%) remain likely or very likely to share OTPs (one-time passwords) via email or messaging services if they think the person asking for them is a colleague, family member or friend.

Headline-grabbing breaches often provide scammers with new opportunities to exploit the collective psyche. Nearly two-thirds of Australian workers (63%) report that they received scam calls, texts, or emails at least two to three times a week in the months following the recent nationwide attacks. The most common themes used by attackers were parcel delivery lures from logistics companies, followed by messages pretending to come from banks and telecoms service providers, as well as fake organisations asking victims to make changes as a result of recent data leaks.

Another area of concern is the impersonation of widely adopted cloud services trusted daily by Australian employees, such as Google Drive, Microsoft OneDrive and Dropbox. Fake links purporting to be from these companies and other cloud providers are often used by cyber criminals to lure victims into downloading malware and sharing sensitive data. Proofpoint research reveals that 20% of Australian workers are either unlikely to verify links contained in documents or simply do not know how to verify them. This is an alarming statistic, given that it only takes one successful phishing email to compromise an entire organisation.

“In Australia, organisations have made substantial investments in cybersecurity, and work tirelessly to keep up with changing regulations,” said Jennifer Cheng, Cyber Strategist, Asia Pacific and Japan, Proofpoint. “Despite these efforts, some of the best-known brands continue to succumb to phishing attacks. This proves just how critical the human factor is, as cyber criminals look for relationships that can be leveraged, trust that can be abused and access that can be exploited.”

Key findings highlighted in the 2023 Australian User Risk Report include:

  • Nearly a quarter (23%) of Australian workers feel that they have not received adequate training to enable them to spot scam emails/texts/threats. According to Proofpoint’s 2023 State of the Phish Report, basic cyber threats are still not well understood by Australian workers. Most employees suffer security awareness gaps, with more than a third surveyed reporting that they are not able to define common terms such as “malware,” “phishing,” and “ransomware.”
  • 20% of working Australians surveyed either do not know how to verify links from cloud service providers—or are unaware that they are able to. Microsoft OneDrive and Google Drive are the most common legitimate cloud infrastructure platforms used by threat actors. According to Proofpoint’s annual Human Factor Report, in 2021, 35% of cloud tenants that received a suspicious log-in also experienced suspicious file activity after the breach, revealing that privilege-based risk widens as organisations move to the cloud.
  • A staggering 17% of Australian workers remain likely or very likely to share OTPs (one-time passwords) via email or messaging services if they think the person asking for them is a colleague, family member or friend. As reported within the annual Human Factor Report, high-privileged users are disproportionately targeted. Managers and executives make up only 10% of overall users within organisations, but account for almost 50% of the most severe attack risk.
  • Attackers thrive on impersonating brands that Australians know and trust. The top 5 themes used by cyber criminals against respondents were logistics companies (48%), banks (38%), telecoms services providers (37%), fake organisations asking to make changes as a result of recent data leaks (24%) and fake legal services about a windfall or inheritance (14%). Considering the volume of brand impersonation attacks, it’s alarming that 39% of Australian employees indicate they think an email is safe when it contains familiar branding, and 53% think an email address always corresponds to the matching website of the brand.

“When it comes to cyber risk, training and awareness are becoming much more important for Australian organisations. Yet our research shows that only 36% of Australian workers believe practicing a culture of security consciousness is top of mind for their leaders,” commented Adrian Covich, Senior Director, Technical Sales, Asia Pacific and Japan, Proofpoint. “People need to be a first line of defence for companies rather than the weakest link. Cultural changes, combined with improved training and awareness programs can help reduce risk, particularly people-related risk. There is clear value in building a culture of security that spans the entire organisation.”

To read the 2023 Australian User Risk Report, please visit:

For more information on cybersecurity awareness best practices and training, please visit:



About Proofpoint, Inc.

Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organizations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organizations of all sizes, including 75 percent of the Fortune 100, rely on Proofpoint for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web. More information is available at

Proofpoint is a registered trademark or tradename of Proofpoint, Inc. in the U.S. and/or other countries. All other trademarks contained herein are the property of their respective owners.