Cybercrime on the Rise in 2022, after Australians Lost Over $300 million to Scams Last Year

Savvy’s online scams report reveals the latest figures and what you can do to protect against cyber attacks.
Written by 
Bill Tsouvalas
Bill Tsouvalas is the managing director and a key company spokesperson at Savvy. As a personal finance expert, he often shares his insights on a range of topics, being featured on leading news outlets including News Corp publications such as the Daily Telegraph and Herald Sun, Fairfax Media publications such as the Australian Financial Review, the Seven Network and more. Bill has over 15 years of experience working in the finance industry and founded Savvy in 2010 with a vision to provide affordable and accessible finance options to all Australians. He has built Savvy from a small asset finance brokerage into a financial comparison website which now attracts close to 2 million Aussies per year and was included in the BRW’s Fast 100 in 2015 as one of the fastest-growing companies in the country. He’s passionate about helping Australians make financially savvy decisions and reviews content across the brand to ensure its accuracy. You can follow Bill on LinkedIn.
Our authors
, updated on October 17th, 2022       

Fact checked

At Savvy, we are committed to providing accurate information. Our content undergoes a rigorous process of fact-checking before it is published. Learn more about our editorial policy.

The Covid-19 pandemic has given scammers and hackers an advantage. As remote work pushes more Australians online, the jump in cybercrime hits record-high rates sparking major concerns for businesses and families. Savvy’s online scams report reveals the latest figures and what you can do to protect against cyber attacks.

Cybercrime on the Rise in 2022, after Australians Lost Over $300 million to Scams Last Year


  • The top scam types by amount lost are investment scams ($48,845,514) and dating and romance ($8,101,643)
  • New South Wales was hit the hardest with online shopping scams, followed by Victoria
  • 43% of cyber attacks target small to medium businesses
  • Currently, the total amount lost in scams for 2022 is $72,231,217
  • 84% spike in scams since last year
  • Top industries affected are education, government, healthcare, communications and software vendors
  • Smartphones are the primary delivery method for attacks 
  • The estimated average cost of cybercrime to the global economy is $445 billion yearly
  • One in four Australians have fallen victim to identity fraud
  • Cybercriminals can penetrate 93% of company networks

We’re living in a digital era where information and data are more valuable than gold and oil. After 2 years of remote working, online vulnerabilities are escalating with cloud breaches, phishing, account takeover attacks and ransomware among the top concerns.

Optus data breach – October 2022 update

The September 22nd cyberattack on Optus, one of Australia’s biggest telcos, has affected an estimated 2.1 million customers.

According to Optus, some 9.8 million individual records have been exposed and are now reportedly in the hands of hackers.  

What data was exposed?

While initially unclear, it has come to light that the data included a broad swathe of personal information, including:

  • Names
  • DOB
  • Email addresses
  • Phone numbers,
  • Postal addresses
  • Drivers’ license numbers
  • Passport numbers
  • Medicare numbers

It has been reported that 14,900 odd valid Medicare ID numbers were stolen in the breach. On top of that, a further 22,000 expired Medicare numbers were hacked.

In a worrying development, 10,200 individual customer's personal information was posted online by the hackers responsible, along with a ransom demand for some $1 million USD. The ransom has since been withdrawn, leading some to question the sophistication of the perpetrators.

What are the risks?

The main risk for those whose information has been stolen is identity theft. Bad actors would feasibly have enough information to apply for credit cards in the affected individual’s name. This would not only put them at risk of having debts accrued against their name, but also put their credit score in jeopardy, which would affect them for years to come.

How can I protect myself?

Anyone directly impacted should seek replacement documents as soon as possible. Furthermore, contacting credit score companies, such as Equifax, and putting a hold on credit score applications would be advisable.

2022 Cybercrime Report

Hybrid and remote work trend ensures another year of online vulnerability

The virus crisis is fuelling the growth in cybercrime as hybrid and remote work rises. Recent data shows Australians have lost more than $72 million in scams, and we’re only three months into 2022. Compared to this time last year that’s an increase of over $10 million in the first quarter.

Working from home and lockdowns have changed the way Australians use the Internet, with many people investing in their home office using savings or personal loans. The reliance on IoT devices, along with virtual classrooms, online communications, work, study and day-to-day life present new opportunities. But they also come with the responsibility to protect data from being accessed by unauthorised parties.

As malicious hackers switch their focus to online work, we must put stronger access controls in place to reduce scams and prepare for the future.

The sharp rise in cybercrime has targeted education, government, healthcare and medical research facilities. Other industries also at stake include business, communications, software vendors, financial and legal services, and real estate.

Now remote work and cloud use have become accepted in the workforce, it’s imperative that the security gaps within the system are addressed.

Small to medium businesses are most at risk

Small to medium businesses typically have less cybersecurity protection making them more vulnerable. 43% of cyber attacks target SME businesses, according to a report from Australian cybersecurity firm Kaine Mathrick Tech. Even more concerning, only 5% of businesses' data folders are protected.

Businesses of all sizes must have an extensive understanding of where their online threats are most likely to come from, with an action plan on the best way to handle them. Recent research shows that one cybercrime targets Australian businesses every 10 minutes.

Ransomware remains one of the top threats.

In 2022, a ransomware attack occurs every 11 seconds. Last year, the ransomware industry shot up to a whopping $20 billion. A report by Privacy Australia revealed mobile ransomware attacks are also up by 33%.

Phishing, hacking, remote access scams and malware are ongoing concerns too – on and offsite, in the office and at home. Scamwatch data shows the main delivery methods for these attacks are smartphones and email.

The problem is, many SME businesses don’t have the budget for cybersecurity. A quieter than expected economy could be to blame for the lack of spending, making business owners increasingly worried about the emerging threats.

Hackers and scammers are getting more ambitious and bolder in their attempts, targeting online activities to take advantage of people in all occupations and from all walks of life. It’s no longer only necessary to set security measures and forget about them. Preventative actions, multi-layered approaches and regular assessments are key to staying ahead.

The true costs of cybercrime

According to Scamwatch, the highest scams are investment scams and dating and romance, totalling over $56 million. Followed by false billing ($3.5 million), online shopping scams ($1.8 million) and identity theft ($800k).

New South Wales ($21 million) and Victoria ($16 million) are the states most impacted by online shopping scams, with Queensland ($12 million) and Western Australia ($11 million) not far behind.

Australians aged over 65 reported the greatest losses to scams since January totalling over $17 million. Other age groups most at risk are 25 to 34 and 35 to 44 year olds. Scams and reports by Australians under the age of 18 also increased by over 50%. Women lost more money to scams totalling over $36 million, compared to $35 million lost by men.

Who’s behind data breaches?

The majority of cyber attacks are triggered by insiders, outsiders, business partners, organised crime groups and affiliated groups.

According to a data breach report by Verizon, outsiders are the biggest culprit (70%) followed by organised crime groups (55%) and insiders (30%).

Zero Trust

2022 is the year of deep suspicion. Zero trust is an approach that shifts people away from the classic, ‘trust but verify’ cybersecurity adage. Over the years it’s evolved to the opposite – ‘never trust, always verify’, reminding people that no one is safe from cybercrime in this digital age.

These safeguards use an initial authentication, under an additional layer of security requiring multiple factors to access. All users inside and outside of an organisation are required to authorise their access with a zero trust strategy, allowing the least privileged entry.

This approach is critical to:

  • Mitigate financial impact
  • Reduce the average cost of data breaches
  • Prevent identity theft
  • Restricts access controls, without compromising performance and user experience

Cyber risk management should be a top priority in 2022

If 2021 has taught us anything, it’s that cybersecurity continues to be one of the biggest challenges of our era.

With the everyday obstacles of Covid-19, cyber risk management has taken a backseat. 2022 will still see many people working remotely making it a top priority for businesses and households to identify, understand and manage security concerns.

How to stay safe from financial scams

As the cost of cybercrime continues to rise, more organisations will need to invest in cybersecurity to protect their in-house and remote teams.

People can expect more attacks on their smartphones, home computers and networks with cybercriminals taking advantage of security holes. The rush to the cloud and increase of IoT devices will also cause challenges.

Businesses and families can protect themselves by managing their biggest risks and the culprits that make people vulnerable, such as a lack of established protocols and unsecured networks.

Implement prevention-based security solutions in your home, business and on the go. Make sure you:

  • Know what devices you have and the vulnerabilities that can be exploited
  • Understand what data is regulated, private and sensitive
  • Provide comprehensive and current cybersecurity training and education to staff
  • Update hardware and software regularly
  • Revisit risks and priorities
  • Secure all networks
  • Use multifactor authentication and control access
  • Watch for SMS phishing and lookalike sites
  • Check for data leaks with software
  • Download carefully

For media enquiries, please contact Jayde Walker at [email protected]



About Savvy

Savvy is one of Australia’s largest online financial brokers, focusing on personal and commercial financial products. Founded in 2010, the firm has seen rapid growth, a testament to their provision of market leading rates and reaching customers with the latest in media and technology. Savvy is a proud supporter of Kids Under Cover, a charity assisting homeless and at-risk youth to strengthen their bonds to community and education. Savvy was named one of BRW’s fastest growing companies in 2015.

Latest media releases

Cheap garden shed in Australian backyard
Media Releases
What to Know About Cheap Sheds in Australia 

One of the mainstays in Australian homes with a yard is the humble yet indispensable garden shed. Garden sheds have …

Man choosing a car online
Media Releases
Aussies Flock Online To Research Their Next Car Purchase

A representative survey (n=1,000) conducted by Savvy into attitudes towards automotive purchases by Australians has revealed that 72% of Australians …

Global automotive show
Media Releases
Global Automotive Consumer Trends – Sentiment, Electrification & The Future

As of 2023, there are many disruptions in the global automotive market. High and persistent inflation, stretched-thin supply chains, and …