The rising cost of cybercrime

In 2017, more than six million consumers — one in three Australian adults — fell victim to identity theft, credit card fraud or had their passwords compromised.1 This cost the Australian economy more than $2.3 billion, and, at an individual level, cost each victim an average of approximately $195 and 16.2 hours (or more than two business days) to rectify.2

We explain a few common traps that you should watch out for to protect yourself online.

Advance fee fraud

This sort of scam generally involves someone contacting you to request that you pay a fee upfront or provide personal information in return for money or a reward. Unfortunately you’ll be waiting in vain for your prize to appear!

Phishing emails

Phishing is an attempt to trick you into supplying personal information, such as passwords and credit card details. Often, the email looks like it has come from a well-known company like a bank, an energy company or even the Australian Tax Office, Australia Post or PayPal. Remember, no matter how credible the email appears, most companies will never ask for this type of private information over email.

Social networking scams

Through a phishing email, scammers will ask you to enter your account details into a copy of a login page of a social networking site, such as, Facebook. Once they have your login details, they will take control of your profile to ask for money from your friends or family by pretending to be you in need of financial help.

Golden opportunity investment scams

These scams involve a fraudster offering you a fake investment opportunity that is ‘not to be missed’, ‘high return’ or ‘guaranteed’. Disturbingly, in 2018 more than $26 million has been reported lost to investment scams3.

With the recent hype surrounding Cryptocurrency, this is one type of investment where scamming is prevalent. The fraudsters advertise themselves as a person or company that helps people invest in Cryptocurrency.  If you show interest, the ‘investment broker’ directs you to a website that looks very professional and encourages you to sign up. After completing the registration, they ask you to deposit money by transferring funds or depositing Cryptocurrency into their online wallet. Once they receive your ‘investment’ the scammer becomes difficult to contact or disappears completely. You receive no return and your investment funds are gone for good.

To check if a company is licensed, use the Australian Securities and Investment Commission (ASIC) Australian Financial Services licensee register and before parting with any money, speak with your financial planner.


Ransomware is a type of malicious software (malware) that locks your computer so you can’t access your files until you pay a fee.

Ransomware can be an attachment or link in an email or on a website.

There are two main types of ransomware.

  • Crypto-ransomware: encrypts your files with an unknown password. The password is randomly generated by the attacker to make it impossible for you to guess. You won’t be able to access your files until you pay the ransom and get the password to unlock them from the attacker.
  • Lockscreen ransomware: locks your computer screen or files. A message will appear on your screen telling you that you need to pay a ransom before you get your access back. You won’t be able to remove the message or access your desktop, apps or any files until you enter the password to unlock your screen.

If you are ever infected with ransomware — The Australian Federal Police strongly advise that you never pay the ransom.4 Instead, restore your files from backup and seek technical advice.

There are a number of steps you can take to protect yourself online.

  • Passwords: To keep your passwords safe consider using a password manager, such as, Dashlane, LastPass, KeePass or RoboForm.
  • Suspicious contact: Don’t open suspicious texts, popup windows or emails and don’t click on links or open attachments. If in doubt, always delete the email or text. Be aware that scammers can use all forms of communication. Apart from email, you can also be contacted via telephone, letter, social media or text message. If you’re unsure whether a call or email is genuine, verify the identity of the contact through an independent source such as a phone directory or website.
  • Back it up: remember to use a portable hard drive, USB or cloud service to back up your documents and photos on your computer or phone on a regular basis. By backing up you can easily recover all your computer files should you become a victim of cybercrime. Also, make sure you disconnect your back up from your computer because any backups connected to your computer could also be rendered unusable.
  • Antivirus: ensure you run antivirus software with the latest antivirus signatures to scan for malicious code.

For further information on cybercrime visit the Scamwatch and ACORN websites.

If you’re contacted out of the blue with an investment opportunity that sounds too good to be true, please contact us before going ahead with any decision.

1 Norton ‘Cyber Security Insights Report — Australia’ 2017
2 Nine Finance ‘Six million Australians fell victim to cybercrime in 2017’, Stuart Marsh, 19 February 2018
3 ACCC ‘Beware investment wolves knocking at the door’ 23 July 2018
4Australian Government ‘Stay smart online’ — Ransomware