The Australian Competition & Consumer Commission (ACCC) says Australians lost a record $3.1 billion to scams in 2022, an 80% increase on total losses recorded in 2021.
Most of the losses were in investment scams, which accounted for $1.5 billion, followed by remote access scams which resulted in losses of $229 million and payment redirection scams which cost victims an additional $224 million.
These figures are based on data collected by the ACCC’s Scamwatch, ReportCyber, the Australian Financial Crimes Exchange (AFCX), IDCARE and various other government agencies.
According to the ACCC, the number of scam reports submitted to Scamwatch last year was just under 240,000, down 16.5% from 2021. However, financial losses per victim have increased 50% to reach an average of $20,000.
ACCC Vice President Catriona Lowe said this increase in the effectiveness of scams is a result of an increasing sophistication in the themes used by attackers, which makes scams more believable.
“We’ve seen alarming new tactics emerge that make scams incredibly hard to detect,” commented Lowe.
“This includes everything from impersonating official phone numbers, email addresses and websites of legitimate organizations to fraudulent texts that appear in the same conversation thread as genuine messages.”
The “Hi Mom” and “toll/Linkt” SMS scams have seen an explosive growth of 469% in 2022, causing Australians to lose nearly $25 million.
The biggest factor, however, was data breaches, which had a record year in Australia in 2022.
These security incidents are great opportunities for scammers to use as bait for fraudulent communications with targets.
“In the weeks following the data breaches, hundreds of reports were submitted to Scamwatch, including reports of scammers impersonating government departments and companies to carry out identity theft and identity scams. remote access.” -ACCC.
A notable 2022 security incident that crooks abused was Optus breaking up in September 2022which led to the leaking of the personal data of 11 million customers of the telecommunications company.
In October 2022, the Australian Federal Police (AFP) stopped a young Sydney resident who attempted to extort thousands of Optus customers via text message, demanding payment of $1,300 not to sell their data to hackers.
The most notable data breach in Australia for 2023 is Latitude Financial, which reached 14 million customers of the personal loan service provider.
The Australian state approved a National Privacy Amendment Bill late last year, setting a maximum A$50 million penalty for businesses that are victims of large-scale data breaches.