Cybercrime takes two forms:
- crimes where computers or other information communications technologies are an integral part of an offence (such as online fraud)
- crimes directed at computers or other technologies (such as hacking).
The Australian Criminal Intelligence Commission (ACIC) is concerned about cybercriminals who are trying to make a profit from everyday Australians.
Australia is an attractive target for serious and organised crime syndicates due to our nation's relative wealth and high use of technology such as social media, online banking and government services. Due to the possible lucrative financial gains for serious and organised crime syndicates, the cybercrime threat is persistent.
The Cyber Security Review, led by the Department of the Prime Minister and Cabinet, found that cybercrime is costing the Australian economy up to $1 billion annually in direct costs alone. Cybercrime is diverting funds from the legitimate Australian economy to the illegitimate economy. In addition to loss of money, cybercrime causes other damage including:
- damage to personal identity and reputation
- loss of business or employment opportunities
- impact on emotional and psychological wellbeing.
Examples of cybercrime include ransomware and credential harvesting malware.
- Ransomware—this is a type of malware that facilitates extortion. It usually infects a victim’s computer after the victim opens a malicious email attachment. Following infection, ransomware locks a computer’s content and displays a message requiring victims to pay a ransom for a decryption key that will supposedly allow them to regain access. The emails delivering ransomware to Australian victims use branding of trusted and well known Australian corporations as part of their social engineering techniques.
- Credential harvesting malware—this is malware designed to harvest a user’s credentials when they are logging onto a website. This is done completely covertly so the victim is unaware their credentials are being stolen. The malware that facilitates this harvesting is usually delivered to a victim’s computer or device via an email with a malicious attachment.
The principal threat to Australia from cybercrime is from offshore. Cybercriminals who are impacting Australian victims work together even though they may live in different countries or even different continents. This makes cybercrime activities inherently fluid and flexible.
The reporting of all cybercrime activity should be made through the ReportCyber website. The website also provides advice on how to protect yourself online and frequently asked questions that provide information regarding cybercrime trends.
Information and guidance on cybercrime is also available via the following links:
- Stay Smart Online—to find out more about online safety and security and receive regular alerts
- SCAMwatch—to stay up to date on current scams
- Office of the eSafety Commissioner—for online safety education resources and information for young people, parents and teachers
- Australian Cyber Security Centre—is the hub for private and public sector collaboration and information sharing to combat cyber security threats
- Australian Institute of Criminology—to access cybercrime research and complete the annual consumer fraud survey.