Super-Highway Robbery

Artful dodgers hustling to relieve folks of their well-earned cash have remained a fact of life since money learned to talk. Yet it could be argued that forensic science has largely caught up with the masked burglar we imagine tip-toeing through the dark with a sack full of stolen goods slung over his shoulder. His modern day counterpart, the cybercriminal, however is not so easily cornered.

It is true that scams are as old as dirt, but their evolution in terms of complexity and reach has achieved previously unheard of levels in the digital age. In Australia, cybercrime accounted for the biggest boom in criminal activity reported during the last financial year, seeing a 13% increase from the previous year, with 76,000 individual cyber attacks logged, according to the Annual Cyber Threat Report. What is cybercrime? Cybercrime itself is not limited to scamming, but a catch-all term for any illegal activity perpetrated online. How it is likely to affect us personally is via the 'cyber scammer' contacting us through email or our smartphones. The messages can take many forms but will share common threads of a request for communication, personal information, to click on a link or include some type of deception to gain access to your personal data, usually for financial gain.

How to know if you're a target of cybercrime

These days it is uncommon to find someone who hasn't received suspicious communication from an unknown source. The Glenferrie Times conducted a straw poll in February 2023, and found that 99% of locals claimed to have been targets of an attempted scam. Out of that number, around 13% had lost money or sensitive, private information to the scam. Despite this figure, an overwhelming number of residents stated 'not enough' was being done to protect them from online scams. Hawthorn-based cyber security educator, Maria (not her real name), stated “Most people don't know how big and how well orchestrated these scamming organisations are.”

“Many big cyber scamming organisations are based overseas and are set up like any business with recruitment drives, call centres, training days and networking. These ‘companies' tend to target corporations like banks, insurance companies or any private firm with access to hoards of personal data. From this data, people’s private information opens up greater scamming opportunities.” Maria educates businesses on how to spot and avoid a potential data breach, although organised scammers tend to use advanced 'hacking' software which can often by-pass security measures.

However, she explains, hacking software can work both ways with ethical, so-called 'white-hat hackers’, using it to find vulnerabilities in online security and reporting their findings to at-risk businesses, prompting them to act in advance of a breach. “Every 19 seconds there is an attempted data hack of some description made in Australia.” Maria explains, “Although this seems high, many actually get blocked before they reach the wider community. Once somebody receives a text from a suspicious source, they can choose to block and report that number. This does make a difference and does affect the scammer”.

Methodology and Terminology

Phishing and Smishing

Phishing is the term for an email apparently from a reputable source (banks, insurance companies, the ATO etc.) requesting the receiver click on a link and

provide sensitive information, while smishing is the SMS equivalent. These are the most common scamming methods used to target individuals. Maria explains, “Your best defence against smishing/phishing, is do not click unknown links EVER. These scams depend entirely on the target’s participation.”

Phone Scams

Simply put, these are ‘unknown’ callers requesting the target to take ‘urgent action’ by providing some form of personal information. According to the Australian Communications and Media Authority (ACMA), the most commonly reported phone scams are: ‘Banks’ informing you of suspicious account activity; ‘Amazon’ or ‘eBay’ requesting payment or personal information; ‘NBN’ or ‘Telstra’ technical support requesting personal data. One way to spot these types of calls is generally, your mobile should show an ‘answer’/'do not answer' option for incoming calls. If the option to ‘not answer’ is absent, ignore the call.

Data Mining

Finding yourself a regular target of attempted scams is frustrating and stressful. However in her capacity as cyber security educator, Maria explains that there are steps you can take to limit your accessibility to would-be scammers. “Facebook is a very common source of private information gathering.” She says, “I encourage everyone to change their privacy settings from ‘public’ to ‘private’, so only friends can view your profile. Furthermore, changing your passwords regularly and not using the same passwords for everything is very important. Using current hacking technology, known as ‘Bruteforce’, it takes only three seconds for hackers to run a check on the billion most commonly used passwords.” Maria adds, soberingly.

How you can protect yourself

Whichever scamming method is applied, Maria insists that avoiding becoming a victim is within your power. “Financial institutions, government agencies and most other organisations will NEVER contact you requesting access to your device, to share your passwords, security codes, PINs or other personal information via a text, email or a phone call. Never share these with anyone, regardless of the claims being made. If in doubt, always call organisations back on trusted numbers found on their websites or a phone directory to validate any of these types of requests.”

Reporting a Cybercrime

In the event that you fall victim to a scammer, help is available. A spokesperson for Victoria Police said, “if you think you have been a victim of Cybercrime, report it to the police or online at ReportCyber, cyber.gov.au OR scamwatch.gov.au as soon as you can. Victoria Police will ensure any victims of Cybercrime are provided with timely and relevant support.”