Scams have caught increasing numbers of Australians, and could cost up to $4 billion by the end of the year.
The Australian Competition and Consumer Commission’s (ACCC) Scamwatch found scammers are “relentlessly targeting Australians”, amounting to losses of $424.8 million between January and September.
That’s a 90 per cent increase on the same period last year.
These numbers vastly understate actual losses, as only about 13 per cent of victims report to Scamwatch.
A growing disaster
The scams typically focus on asking people to click on links and provide personal and financial information – known as phishing.
Scammers often impersonate government departments and businesses to carry out identity theft and remote access scams.
The most straightforward scams are often the most convincing.
Earlier in the year, the ACCC was overwhelmed with complaints about the “Hi Mum” scam. The racket involves criminals impersonating a household member, saying they’ve broken their phone and can’t access their online banking, before asking the victim to transfer money into an account.
About $292 million has been lost to investment scams between January and September, followed by dating and romance scams ($29 million) and remote access scams ($18 million).
The top three reported scams were phishing (50,015 reports), false-billing (16,263 reports) and online shopping scams (13,068 reports).
Scammers favour contacting people by phone, followed by SMS and email.
As little as 30 per cent of scams and data breaches are reported, RMIT associate professor Mark Gregory says, and the situation was a “growing disaster”.
“It’s only because the government has stepped in and told bigger companies to take responsibility that we’re seeing instances of data breaches being more widely reported,” he said.
Professor Gregory believes corporate Australia is shirking its responsibility by failing to report incidents of data breaches.
“I believe that Australians have been dudded and that industry is seriously compromising peoples’ futures,” he said.
“It’s only through class action lawsuits that we may start to see some action because companies just don’t care at present.”
The ACCC says that millions of Australians have been made more vulnerable to scams following the recent cyber attacks on Optus and Medibank.
ACCC deputy chair Delia Rickard said there has “never been a more important time to know the tell-tale signs of a scammer”.
“We know scammers are relentlessly targeting Australians,” she said.
“Scammers evolve quickly, and their tactics are becoming increasingly sophisticated and unscrupulous.
“There have been hundreds of reports to Scamwatch in the weeks after the recent high-profile data breaches and that is expected to continue,” Ms Rickard said.
The best defence against scams is education, Professor Gregory told TND.
“Everyone needs to take some time to look at the Scamwatch website, the ATO website, and actually learn about the common methods to tackle scams.
“If you’re aware, you’re less likely to be affected.”
He said people should also consider investing in commercial grade anti-virus software as it will capture and isolate many scam emails in users junk inboxes, and also blocks links on webpages.
“Unfortunately, this is yet another cost,” he said.
“But the cost of paying for software versus having your identity stolen or ransomeware or malware affecting your computer … that’s just horrifying.”
What can I do if I’m caught in a scam?
It sounds obvious, but contacting the police is a good place to start. If you have experienced cybercrime and lost money online, you can report to police via ReportCyber.
Scams can also be reported to Scamwatch and Cyber.gov.au.
Scamwatch’s top tips for avoiding scams
Stop: Take your time before giving money or personal information to anyone. Scammers will offer to help you or ask you to verify who you are. They will pretend to be from organisations you know and trust like a business you deal with, police, government or fraud service.
Think: Ask yourself could the message or call be fake?
Never click a link in a message, and ask a trusted friend or family member what they would do. Only contact businesses or government using contact information from their official website or through their secure apps. If you’re not sure say no, hang up or delete.
Protect: Act quickly if something feels wrong. Contact your bank immediately if you lose money or personal information or if you notice some unusual activity on you cards or accounts. Seek help from organisations like IDCARE and report online crime to ReportCyber. Help others by reporting scams to Scamwatch.
- Make your accounts as safe as your home. Set up extra steps on your accounts to stop people getting in.
- Add more steps to show who you are when you log into your online services and apps. This is called multi-factor authentication.
- This could be a code sent to your phone, a token or secret question. Your face or fingerprint or voice can also be the key to let you into your accounts.
- Ask your banks and service providers how to add more checks so no one can pretend to be you. And don’t forget to tell them if you have been in a data breach.