SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image

Scam reports surge by nearly 50% in first half of 2023

Thu, 10th Aug 2023
FYI, this story is more than a year old

Scams have skyrocketed in the first half of 2023, with new data revealing that 156,279 scams have been reported this year, an increase of more than 48% compared to the same period last year (105,144 reports).

While the number of scam reports has increased since 2022, findings from the Australian Competition and Consumer Commissions (ACCC) Scamwatch show that financial losses are down slightly ($293 million in H1 2022 versus $286 million in H1 2023). 

The monthly average lost to scams, which was $48.89 million in the first half of 2022, remains steady despite the number of scams dramatically increasing, with the monthly average lost so far in 2023 on par at $47.73 million. June had the lowest number of scams reported and financial losses recorded this year to date, with around 23,000 reports and $38.4 million lost.

Investment scams were the most financially damaging during the first half of the year, causing 60% of all losses at more than $171 million, despite there being only 4,666 reports of which nearly half resulted in financial loss. This was followed by dating and romance scams, false billing scams, and phishing, which have cost Australians over $18.4 million, $17.4 million, and $17.3 million in 2023 respectively.

New South Wales continues to be the hotspot state for scam activity, accounting for the highest financial loss and number of reported scams so far this year. The state lost over $88 million to cyber criminals in 2023 and over 47,000 scam reports. This was followed by Victoria and Queensland, which had over 39,000 and 31,000 scams reported and lost $62.5 million and $54.6 million respectively.

Text messages are the most frequently reported scam delivery method so far this year with 60,606 reports, mirroring 2022. Financial losses are higher among other common delivery methods however, with email and phone, the second and third most frequently reported methods, resulting in losses of over $65.2 million and $51 million respectively, compared to only $14.5 million via text.

Cybersecurity and compliance company Proofpoint suggests the use of conversational tools including texts, emails and phone calls demonstrates how threat actors are beginning to match their ingenuity with new-found precision and patience. 

The company explored the trend in its 2023 Human Factor Report, which revealed that social engineering attacks, which includes the popular text message smishing scam and pig butchering threats, which start with attackers sending seemingly harmless messages, surged last year. 

The report finds that cybercriminals are investing significant time exchanging benign messages with their targets to build rapport over the course of weeks and months.

Some other key findings from ACCC Scamwatch include:

Over 65s continue to be targeted by cyber criminals, with the age group suffering over $66 million in total losses so far this year and contributing to over 34,000 reports. While men have accounted for 57.1% ($163.5 million) of losses compared to 41.9% ($120 million) for women, it appears women are more likely to report scams. Women account for 50.2% of scam reports, compared to 47.6% of these reports coming from men.

The half yearly ACCC Scamwatch data comes as the National Anti-Scam Centre, which was launched on 1 July 2023, issues its first warning of a new scam targeting Australians, with a loyalty point program scam using text messages to solicit the credit card details of Qantas Frequent Flyer, Telstra and Coles loyalty programs customers.

"Despite 2022 being an unprecedented and record-breaking year for scams, 2023 is already shaping up to see a similar amount of scam activity," says Adrian Covich, Systems Engineering APJ at Proofpoint.

"While the ACCCs data is a helpful guide for how the nation is tracking, the numbers do not cover the true extent of the damage caused by cyber criminals every day," he says. 

"Many Australians who receive scam calls, texts and emails may not report them at all, and those who become victims of these scams and do report them are much more than a number."

So far this year, Covich says phone and text message scams remain one of the most popular methods for scammers due to the ability to execute mass phishing campaigns at very little cost.

"From savvy social engineering techniques such as pig butchering, where skilled individuals take advantage of online conversations to lure in everyday Australians, to the more common investment scams, cyber criminals are leaving no stone unturned in their fight to rob Australians of their life savings," he says.

While reports have skyrocketed, Covich says it is encouraging to see early indications that Australians may be becoming more cyber aware. 

"Financial losses are down and reports of scams are up, which shows us that more people are reporting potential scammers and their less likely to hand over money. While this is promising, we encourage Australians to remain vigilant as scammers and cybercriminals will continue to leverage current events and social engineering techniques to target them during the second half of the year," he says. 

"We urge Australians to stay protected by staying up to date with Scamwatch's active scam alerts and by utilising Proofpoints' online resources, such as our top tips to avoid being scammed. We also recommend never giving out personal or financial information to someone they dont know, whether thats over phone, email, text, or the internett."

Proofpoint's tips to avoid being scammed: 

  • Never share personal or financial information including bank account or credit card details with someone you don't know.  
  • Do not click through links or open attachments from unknown senders whether thats over email, text, social media or online.  
  • Look out for spelling and grammatical errors, these can suggest a message is a scam.  
  • Only communicate with an organisation through official channels found on company websites, do not reply directly to emails or click on links provided.  
  • Do not share passwords with people and ensure you change passwords regularly. Consider using a password manager to help protect your personal information from being stolen.  
  • Be cautious about phone calls or emails that come out of the blue with investment offers or travel and other prizes.  
     
Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X