EOFY pressures drive cyber risk for Australian firms
Mon, 6th Jul 2026 (Today)
WatchGuard Technologies is warning Australian organisations about rising cyber risks during the end of financial year and major global events such as the FIFA World Cup. Attackers are exploiting operational pressure, tight deadlines and interconnected digital systems.
Anthony Daniel, WatchGuard's Managing Director for Australia, New Zealand and the Pacific Islands, said EOFY activity is now attracting more sophisticated attacks than in previous years. Finance and payroll teams face a mix of social engineering, business email compromise and impersonation scams that are increasingly difficult to distinguish from legitimate requests. Cybercriminals are also embedding scams in routine workflows, including supplier bank detail changes and document-sharing platforms.
He said generic awareness messages about strong passwords and suspicious links no longer reflect the risks organisations face. Employees working to filing deadlines often process high volumes of emails and payment approvals in short periods, making them less likely to question urgent requests or notice anomalies in sender addresses and payment details.
Recent Australian data points to a steady rise in scam activity. In one recent month, the Australian Taxation Office received 1,386 reports of impersonation scams, up 11 per cent on the previous month. The National Anti-Scam Centre also reported that Australians lost more than AUD $2 billion to scams in 2025.
WatchGuard research found that 75 per cent of organisations experienced at least one cyber incident in the past year, while 54 per cent lack the capacity for continuous monitoring and response. Daniel said that gap leaves businesses exposed when they rely on manual checks or limited-hours security operations during their busiest trading periods.
"With the EOFY fast approaching, cybercriminals are poised to exploit normal business processes at their busiest and most pressured point. Gone are the days when threats were primarily fake ATO emails or fraudulent invoices. Today, attacks seamlessly integrate into standard business workflows: requests to update supplier bank details, shared documents from trusted contacts, or individuals claiming to assist payroll or finance teams are all tactics used to blend in.While generic EOFY advice often stresses strong passwords and caution around unsolicited messages, that guidance falls short. Under deadline pressure, employees can easily overlook warning signs and make mistakes.
In May 2026 alone, the Australian Taxation Office received 1,386 reports of impersonation scams, an 11% increase from April. The National Anti-Scam Centre also highlighted that Australians lost more than $2 billion to scams in 2025. WatchGuard's research found that 75% of organisations experienced at least one cyber incident in the past year, while 54% lack the capacity for continuous monitoring and response.
For businesses, the key question is not whether every scam can be stopped before it lands. It is what happens if one gets through. If an employee clicks a malicious link or approves a dubious request, can an attacker escalate access to financial systems or exploit compromised accounts?
EOFY security should prioritise containment as well as prevention. Multi-factor authentication should be enforced across critical applications, remote access tools should be reviewed and monitored, and controls such as DNS filtering, endpoint detection, cloud visibility and incident response processes should be tested before the busiest period hits.
Cybercriminals exploit the pressures of EOFY, so resilient businesses do not just assume every scam will be detected. They prepare for the possibility that a single error could escalate into a larger incident."
Daniel said the same dynamics apply to large-scale live events that depend on digital infrastructure. The FIFA World Cup has turned stadium operations, ticketing, payment systems and broadcasting into a tightly connected ecosystem that must function in real time. Any disruption can have immediate consequences for event organisers, sponsors and service providers.
He said the tournament is now a global stress test for security and resilience across public and private systems. Digital platforms face heavy demand and heightened public scrutiny, while attackers are drawn to events where any outage or data breach can carry greater impact during periods of maximum attention.
WatchGuard's research on incident volumes and monitoring gaps also informs Daniel's view of major event risk. He said limited visibility across networks and cloud services hampers organisations that need fast detection and a coordinated response. Business continuity plans that do not incorporate cyber response measures can leave gaps when systems go offline or data becomes unavailable.
Australian organisations running high-volume digital services or managing spikes in online activity can draw clear parallels. Daniel said they should focus on identity security, around-the-clock detection and response, and clear incident-handling playbooks. Pressure and urgency, he added, often expose weaknesses in fragmented systems or ad hoc security processes.
He linked effective cyber preparation during these moments to broader trust in digital services. Outages that begin as technical incidents can quickly become reputational issues for brands that depend on online engagement.
"As the world tunes into the FIFA World Cup, cybercriminals are watching too. Major sporting events of this scale create a unique security challenge, with stadium operations, ticketing platforms, payment networks and broadcasting infrastructure becoming deeply interconnected and expected to perform seamlessly under intense public pressure. That combination of high visibility, high stakes and compressed timelines creates the perfect environment for attackers to exploit.For Australian organisations managing spikes in traffic or high-volume digital services, the lesson extends beyond sport. When an account is compromised or a system is disrupted, the impact is no longer confined to IT. It can quickly affect customer trust, operational continuity and brand reputation.
WatchGuard's research found that 75% of organisations experienced at least one cyber incident in the past year, while 54% lack the capacity for continuous monitoring and response. Those gaps become far more consequential when attackers can take advantage of urgency, distraction and fragmented systems.
The organisations best placed to manage moments like this take a unified approach to cybersecurity, underpinned by Zero Trust principles, continuous monitoring and rapid threat response. During a tournament like the World Cup, reducing the time between detection and response can mean the difference between a contained incident and a major disruption.
Organisations need to strengthen identity security, ensure they have access to 24/7 monitoring and response capabilities, and build plans that keep business continuity front and centre. The success of a global sporting event is increasingly dependent on the security and resilience of the digital infrastructure operating behind the scenes."