5 Cyber Threats to Watch Out for and How to Stay Safe [2025 Update]

Phishing isn’t what it used to be.

Cybercriminals are using artificial intelligence to craft convincing messages – from fake emails and SMSes to voice messages that sound exactly like someone you know. These scams are tailored to your behaviour, your contacts, and even your recent conversations, making them far harder to detect than the clumsy scams of years past.

These attacks don’t just trick individuals, they’re also used to infiltrate businesses by impersonating staff or suppliers to extract sensitive information or trigger fraudulent payments. AI-powered social engineering is one of the fastest-growing cyber threats globally.

Fraud experts are warning of a new wave of scams where AI-generated voice calls and emails mimic official agencies like the Australian Tax Office (ATO)¹, duping people into handing over tax information or access to their bank accounts. Some businesses have reported six-figure losses after a staff member was misled by what they thought was a genuine request from a director or finance officer.

How to Stay Safe:

Imagine joining a video call with your company’s CFO who asks you to urgently transfer funds to a new account. Everything seems normal – same voice, same face, same tone. But what if that person isn’t real?

Welcome to the world of deepfake fraud – where cybercriminals use AI to generate realistic video and audio of someone you trust to manipulate or scam you. What started as novelty content on social media has evolved into a serious cyber security threat, especially for finance, HR, and executive teams. These attacks are highly effective because they prey on trust and familiarity. All it takes is a few minutes of publicly available video or audio footage, and AI tools can recreate someone’s likeness with uncanny accuracy.

In one of the most shocking cyber heists of the past year, a Hong Kong employee at a multinational firm was duped into transferring over US $25 million after joining a video call with what appeared to be the company’s CFO². In reality, the “CFO” and other participants on the call were deepfake avatars generated using AI tools. The victim had no idea they weren’t speaking to real people.

“The scam was so sophisticated that the employee didn’t realise it was a fake video call until after the funds had already been transferred,” said Hong Kong police.

Another case involved global engineering firm Arup, where cybercriminals impersonated a senior executive using deepfake technology to request urgent financial transfers³. The scam led to a loss of US $25 million.

How to Stay Safe:

Ransomware is not just a hacker sitting in a dark room anymore. In 2025, it is a full-blown business model. With Ransomware-as-a-Service (RaaS), cybercriminals can buy or rent ready-made ransomware kits on the dark web, no advanced coding skills needed. It is like cybercrime franchising: the original developer creates the malware, others deploy it, and profits are shared.

At the same time, attackers are shifting focus upstream. Instead of targeting one business at a time, they are going after third-party vendors and software providers, a method known as supply chain attacks. One weak link in your software or service stack can open the door to a catastrophic breach.

In one of the largest cyber incidents in recent memory, the Cl0p ransomware group exploited a vulnerability in MOVEit Transfer – an enterprise file transfer software widely used across industries. Over 2,700 organisations were compromised, and the personal data of more than 93 million individuals was exposed. Victims included banks, schools, healthcare providers, and even government agencies. According to Wikipedia⁴, the MOVEit breach is “one of the most widespread and damaging supply chain ransomware attacks to date”. The attack wasn’t direct, it was the result of a supply chain compromise, proving that even secure organisations can fall if a third-party tool is vulnerable.

Another high-profile case involved the LockBit group, a RaaS operation, that attacked multiple international organisations⁵. This included London Drugs in Canada where they demanded a ransom of US $25 million and University Hospital Centre Zagreb which had to revert to paper-based operations after their systems were encrypted. These attacks reflect how easy it is for criminals to scale ransomware operations, and how hard it is to recover once infected.

How to Stay Safe:

From smart fridges and security cameras to voice assistants and connected light bulbs, Internet of Things (IoT) devices have made homes and workplaces more convenient than ever. But with convenience comes risk, and IoT devices are now one of the weakest links in cyber security. The problem is that most IoT devices were not built with strong security in mind. They often come with default passwords, outdated firmware, and limited update capabilities, making them easy targets for hackers looking for a backdoor into larger networks. Once compromised, an IoT device can be used to spy on users, act as a launchpad for a broader network attack, or become part of a massive botnet used in distributed denial-of-service (DDoS) attacks.

While there hasn’t been a widely reported, multi-million-dollar IoT attack recently, experts warn that attacks on smart devices are growing at an alarming rate. A 2024 report by Avast⁶ revealed an increase in malware targeting IoT devices, often exploiting weak authentication and unpatched firmware vulnerabilities. In previous years, botnets like Mirai⁷ infected thousands of insecure IoT devices globally – turning everyday gadgets into cyberattack tools. This same type of vulnerability is being exploited again in new and more automated ways, as smart device adoption rises.

How to Stay Safe:

Artificial intelligence is not just powering your digital assistant or generating catchy email subject lines – it is also being used to automate cyberattacks in ways that are faster, smarter, and more persistent than ever. Agentic AI—autonomous software agents powered by large language models (LLMs) can make decisions, run tasks, and adapt on the fly. These bots can perform reconnaissance, generate convincing phishing emails, automate credential stuffing, and even look for security loopholes in real-time. They’re like hacker sidekicks that never sleep.

And if that’s not enough, we are also seeing the rise of prompt injection attacks⁸, where attackers sneak hidden commands or manipulations into documents, chat prompts, or web content to trick LLM-based systems into doing things they weren’t supposed to do. This is especially dangerous for organisations integrating AI into customer support, coding, or data workflows.

Security researchers and organisations like OpenAI, Microsoft, and the UK’s National Cyber Security Centre (NCSC) have issued formal warnings about prompt injection as a top threat now and beyond, particularly for AI-integrated platforms. For example, in a recent study, attackers were able to use hidden HTML or metadata to manipulate an LLM chatbot into exposing private or sensitive data, trick a code assistant into writing insecure software functions, bypass moderation filters simply by embedding instructions in external files or images. The NCSC reinforced this concern in their cyber threat outlook, urging developers and businesses to treat LLMs as potentially unsafe if exposed to external content without validation.

How to Stay Safe:

Cyber security is no longer about simply installing antivirus software or avoiding dodgy emails. The threats we face today – from deepfakes and ransomware to prompt injection attacks are far more advanced, more automated, and more convincing than ever. But with the right awareness, proactive habits, and a commitment to ongoing learning, you can significantly reduce your risk.

Whether you are a business owner, employee, or everyday internet user, the key is to stay curious, question the unexpected, and secure your digital spaces just like you would your physical ones. Cyber threats may be evolving, but so can your defences.