Cybercrime on the Rise in 2022, after Australians Lost Over $300 million to Scams Last Year

Savvy’s online scams report reveals the latest figures and what you can do to protect against cyber attacks.
Published on March 30th, 2022
  Written by 
Adrian Edlington
Adrian Edlington is PR & Communications Manager at Savvy. With a keen interest in personal finance, car loans, the mortgage industry, cost of living pressures, electric vehicles and renewable technology, Adrian's research includes conducting primary data surveys and analysis of up-to-the-minute secondary Australian data sources. His work on behalf of Savvy has been featured on ABC.net.au The Conversation, the Sydney Morning Herald, AFR, News.com.au, The Age, Herald Sun, Adelaide Now, SBS On The Money, 7News, Car Expert, Which Car, Drive.com.au and more. In his spare time, Adrian enjoys mountain biking and business podcasts.
Our authors
   Reviewed by 
Bill Tsouvalas


Bill Tsouvalas
Bill Tsouvalas is the managing director and a key company spokesperson at Savvy. As a personal finance expert, he often shares his insights on a range of topics, being featured on leading news outlets including News Corp publications such as the Daily Telegraph and Herald Sun, Fairfax Media publications such as the Australian Financial Review, the Seven Network and more. Bill has over 15 years of experience working in the finance industry and founded Savvy in 2010 with a vision to provide affordable and accessible finance options to all Australians. He has built Savvy from a small asset finance brokerage into a financial comparison website which now attracts close to 2 million Aussies per year and was included in the BRW’s Fast 100 in 2015 as one of the fastest-growing companies in the country. He’s passionate about helping Australians make financially savvy decisions and reviews content across the brand to ensure its accuracy. You can follow Bill on LinkedIn.
Our authors

Fact checked

At Savvy, we are committed to providing accurate information. Our content undergoes a rigorous process of fact-checking before it is published. Learn more about our editorial policy.
Cybercrime on the Rise in 2022, after Australians Lost Over $300 million to Scams Last Year

At Savvy, our mission is to empower you to make informed financial choices. While we maintain stringent editorial standards, this article may include mentions of products offered by our partners. Here’s how we generate income.

The Covid-19 pandemic has given scammers and hackers an advantage. As remote work pushes more Australians online, the jump in cybercrime hits record-high rates sparking major concerns for businesses and families. Savvy’s online scams report reveals the latest figures and what you can do to protect against cyber attacks.


  • The top scam types by amount lost are investment scams ($48,845,514) and dating and romance ($8,101,643)
  • New South Wales was hit the hardest with online shopping scams, followed by Victoria
  • 43% of cyber attacks target small to medium businesses
  • Currently, the total amount lost in scams for 2022 is $72,231,217
  • 84% spike in scams since last year
  • Top industries affected are education, government, healthcare, communications and software vendors
  • Smartphones are the primary delivery method for attacks 
  • The estimated average cost of cybercrime to the global economy is $445 billion yearly
  • One in four Australians have fallen victim to identity fraud
  • Cybercriminals can penetrate 93% of company networks

We’re living in a digital era where information and data are more valuable than gold and oil. After 2 years of remote working, online vulnerabilities are escalating with cloud breaches, phishing, account takeover attacks and ransomware among the top concerns.

Optus data breach – October 2022 update

The September 22nd cyberattack on Optus, one of Australia’s biggest telcos, has affected an estimated 2.1 million customers.

According to Optus, some 9.8 million individual records have been exposed and are now reportedly in the hands of hackers.  

What data was exposed?

While initially unclear, it has come to light that the data included a broad swathe of personal information, including:

  • Names
  • DOB
  • Email addresses
  • Phone numbers,
  • Postal addresses
  • Drivers’ license numbers
  • Passport numbers
  • Medicare numbers

It has been reported that 14,900 odd valid Medicare ID numbers were stolen in the breach. On top of that, a further 22,000 expired Medicare numbers were hacked.

In a worrying development, 10,200 individual customer's personal information was posted online by the hackers responsible, along with a ransom demand for some $1 million USD. The ransom has since been withdrawn, leading some to question the sophistication of the perpetrators.

What are the risks?

The main risk for those whose information has been stolen is identity theft. Bad actors would feasibly have enough information to apply for credit cards in the affected individual’s name. This would not only put them at risk of having debts accrued against their name, but also put their credit score in jeopardy, which would affect them for years to come.

How can I protect myself?

Anyone directly impacted should seek replacement documents as soon as possible. Furthermore, contacting credit score companies, such as Equifax, and putting a hold on credit score applications would be advisable.

2022 Cybercrime & Online Scams Report Infographic

Hybrid and remote work trend ensures another year of online vulnerability

The virus crisis is fuelling the growth in cybercrime as hybrid and remote work rises. Recent data shows Australians have lost more than $72 million in scams, and we’re only three months into 2022. Compared to this time last year that’s an increase of over $10 million in the first quarter.

Working from home and lockdowns have changed the way Australians use the Internet, with many people investing in their home office using savings or personal loans. The reliance on IoT devices, along with virtual classrooms, online communications, work, study and day-to-day life present new opportunities. But they also come with the responsibility to protect data from being accessed by unauthorised parties.

As malicious hackers switch their focus to online work, we must put stronger access controls in place to reduce scams and prepare for the future.

The sharp rise in cybercrime has targeted education, government, healthcare and medical research facilities. Other industries also at stake include business, communications, software vendors, financial and legal services, and real estate.

Now remote work and cloud use have become accepted in the workforce, it’s imperative that the security gaps within the system are addressed.

Small to medium businesses are most at risk

Small to medium businesses typically have less cybersecurity protection making them more vulnerable. 43% of cyber attacks target SME businesses, according to a report from Australian cybersecurity firm Kaine Mathrick Tech. Even more concerning, only 5% of businesses' data folders are protected.

Businesses of all sizes must have an extensive understanding of where their online threats are most likely to come from, with an action plan on the best way to handle them. Recent research shows that one cybercrime targets Australian businesses every 10 minutes.

Ransomware remains one of the top threats.

In 2022, a ransomware attack occurs every 11 seconds. Last year, the ransomware industry shot up to a whopping $20 billion. A report by Privacy Australia revealed mobile ransomware attacks are also up by 33%.

Phishing, hacking, remote access scams and malware are ongoing concerns too – on and offsite, in the office and at home. Scamwatch data shows the main delivery methods for these attacks are smartphones and email.

The problem is, many SME businesses don’t have the budget for cybersecurity. A quieter than expected economy could be to blame for the lack of spending, making business owners increasingly worried about the emerging threats.

Hackers and scammers are getting more ambitious and bolder in their attempts, targeting online activities to take advantage of people in all occupations and from all walks of life. It’s no longer only necessary to set security measures and forget about them. Preventative actions, multi-layered approaches and regular assessments are key to staying ahead.

The true costs of cybercrime

According to Scamwatch, the highest scams are investment scams and dating and romance, totalling over $56 million. Followed by false billing ($3.5 million), online shopping scams ($1.8 million) and identity theft ($800k).

New South Wales ($21 million) and Victoria ($16 million) are the states most impacted by online shopping scams, with Queensland ($12 million) and Western Australia ($11 million) not far behind.

Australians aged over 65 reported the greatest losses to scams since January totalling over $17 million. Other age groups most at risk are 25 to 34 and 35 to 44 year olds. Scams and reports by Australians under the age of 18 also increased by over 50%. Women lost more money to scams totalling over $36 million, compared to $35 million lost by men.

Who’s behind data breaches?

The majority of cyber attacks are triggered by insiders, outsiders, business partners, organised crime groups and affiliated groups.

According to a data breach report by Verizon, outsiders are the biggest culprit (70%) followed by organised crime groups (55%) and insiders (30%).

Zero Trust

2022 is the year of deep suspicion. Zero trust is an approach that shifts people away from the classic, ‘trust but verify’ cybersecurity adage. Over the years it’s evolved to the opposite – ‘never trust, always verify’, reminding people that no one is safe from cybercrime in this digital age.

These safeguards use an initial authentication, under an additional layer of security requiring multiple factors to access. All users inside and outside of an organisation are required to authorise their access with a zero trust strategy, allowing the least privileged entry.

This approach is critical to:

  • Mitigate financial impact
  • Reduce the average cost of data breaches
  • Prevent identity theft
  • Restricts access controls, without compromising performance and user experience

Cyber risk management should be a top priority in 2022

If 2021 has taught us anything, it’s that cybersecurity continues to be one of the biggest challenges of our era.

With the everyday obstacles of Covid-19, cyber risk management has taken a backseat. 2022 will still see many people working remotely making it a top priority for businesses and households to identify, understand and manage security concerns.

How to stay safe from financial scams

As the cost of cybercrime continues to rise, more organisations will need to invest in cybersecurity to protect their in-house and remote teams.

People can expect more attacks on their smartphones, home computers and networks with cybercriminals taking advantage of security holes. The rush to the cloud and increase of IoT devices will also cause challenges.

Businesses and families can protect themselves by managing their biggest risks and the culprits that make people vulnerable, such as a lack of established protocols and unsecured networks.

Implement prevention-based security solutions in your home, business and on the go. Make sure you:

  • Know what devices you have and the vulnerabilities that can be exploited
  • Understand what data is regulated, private and sensitive
  • Provide comprehensive and current cybersecurity training and education to staff
  • Update hardware and software regularly
  • Revisit risks and priorities
  • Secure all networks
  • Use multifactor authentication and control access
  • Watch for SMS phishing and lookalike sites
  • Check for data leaks with software
  • Download carefully

Did you find this page helpful?

Thanks for your feedback!

This guide provides general information and does not consider your individual needs, finances or objectives. We do not make any recommendation or suggestion about which product is best for you based on your specific situation and we do not compare all companies in the market, or all products offered by all companies. It’s always important to consider whether professional financial, legal or taxation advice is appropriate for you before choosing or purchasing a financial product.

The content on our website is produced by experts in the field of finance and reviewed as part of our editorial guidelines. We endeavour to keep all information across our site updated with accurate information.

In this article

Share this article

Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on pinterest

Smart money saving tips

Subscribe to our newsletter.

By subscribing you agree to our privacy policy

About Savvy

Savvy is one of Australia’s largest online financial brokers, focusing on personal and commercial financial products. Founded in 2010, the firm has seen rapid growth, a testament to their provision of market leading rates and reaching customers with the latest in media and technology. Savvy is a proud supporter of Kids Under Cover, a charity assisting homeless and at-risk youth to strengthen their bonds to community and education. Savvy was named one of BRW’s fastest growing companies in 2015.

Latest media releases

Cybercrime on the Rise in 2022, after Australians Lost Over $300 million to Scams Last Year

We'd love to chat, how can we help?

By clicking "Submit", you agree to be contacted by a Savvy broker and to receive communications from Savvy which you can unsubscribe from at any time. Read our Privacy Policy.