Incidente 1275: Purportedly AI-Enhanced Phishing Campaign Allegedly Impersonates Australian Government Services in Large-Scale Welfare Scam

Descripción: A large-scale phishing campaign allegedly impersonating Services Australia and Centrelink reportedly sent more than 270,000 fraudulent emails in 2025. Mimecast analysts reportedly say attackers (designated MCTO3001) used AI tools to generate highly convincing government-themed messages and evasion techniques, targeting vulnerable Australians and public institutions. Victims reportedly faced risks of credential theft and downstream digital exploitation.

Editor Notes: Timeline note: According to Mimecast, the alleged phishing campaign had reportedly been active for roughly four months prior to publication, with attackers sending an average of 70,000 AI-generated spoofed government emails per month. The activity reportedly appears to have been ongoing from approximately July 2025 through November 2025. The incident ID date of 11/17/2025 is taken from The Sydney Morning Herald's initial reporting.

Herramientas

Nuevo Informe Nueva Respuesta DescubrirVer Historial

Entidades

Ver todas las entidades

Alleged: Unknown generative AI developers developed an AI system deployed by Unknown cybercriminals y MCTO3001, which harmed Medicare of Australia beneficiaries , Government of Australia , General public of Australia , General public , Centrelink beneficiaries , Centrelink , Australian welfare recipients , Australian businesses , Epistemic integrity y Truth.

Sistemas de IA presuntamente implicados: Unknown large language models , Unknown generative AI systems , AI-generated phishing content y AI-assisted email impersonation workflows

Estadísticas de incidentes

1275

Cantidad de informes

Fecha del Incidente

2025-11-17

Editores

Daniel Atherton

Informes del Incidente

Cronología de Informes

Cybercriminals unleash fake Centrelink scam on vulnerable Australians

smh.com.au

smh.com.au · 2025

More than 270,000 malicious emails impersonating Services Australia and Centrelink have flooded Australian inboxes in one of the nation's largest phishing campaigns in years, with the sophisticated attacks specifically targeting the country…

Variantes

Una "Variante" es un incidente de IA similar a un caso conocido—tiene los mismos causantes, daños y sistema de IA. En lugar de enumerarlo por separado, lo agrupamos bajo el primer incidente informado. A diferencia de otros incidentes, las variantes no necesitan haber sido informadas fuera de la AIID. Obtenga más información del trabajo de investigación.

¿Has visto algo similar?

Incidente Anterior