AI-fuelled scams surge as Australian losses jump 28 percent

Scam Awareness Week has brought renewed attention to the surging threat of scams in an era where artificial intelligence (AI) is not only revolutionising business operations but also arming fraudsters with powerful new capabilities. With scam-related losses in Australia increasing by 28% in just the first four months of 2025, the urgency for action is higher than ever, industry experts warn.

Russell Todd, Security Solution Lead at Avanade Australia, emphasises that security is fundamentally a human issue, not just a technological one. "Scammers are masters at exploiting human emotions like urgency, fear and curiosity," Todd observes. "In the rush of daily life, individuals and employees can fall into the trap of clicking before thinking." According to Todd, the proliferation of generative AI is making scams – from deepfakes to convincing phishing emails – far harder to detect, leaving both individuals and businesses vulnerable to fraud that can cause financial losses and inflict lasting reputational damage.

This sentiment is echoed by Adhil Badat, Managing Director APJ at Rackspace Technology, who highlights the dual-edged sword presented by AI. "Artificial intelligence is now a core part of cloud strategies, with 84% of organisations already incorporating it," he says. Opportunities abound for improved decision-making and innovation, yet Badat cautions that as AI-powered tools become commonplace in the workplace, the lack of formal guidance and robust governance is being exploited by cybercriminals. With AI capable of generating highly convincing scam communications, he argues that education and clear security policies are essential to reduce risk as AI and cloud adoption accelerate.

Industry reports underline the gravity of the situation. WatchGuard's Q1 2025 Internet Security Report found that 71% of malware now arrives via encrypted connections, and a significant proportion bypasses traditional signature-based defences as so-called zero-day threats. The report also charted a 171% surge in network malware, with attacks increasingly sophisticated and often aided by AI. Anthony Daniel, Managing Director ANZ at WatchGuard, warns, "For businesses, it's not just about compliance – it's about protecting reputation and trust. Leaders must regularly ask: Are our people prepared to spot a scam? Are our processes strong enough to stop one?"

Alongside evolving technical threats, poor identity and password practices continue to provide entry points for scammers. Nigel Tan, APAC SE Director at Delinea, points out that nearly half of Australians have experienced some form of cybercrime, yet only a quarter routinely update their passwords. He stresses that clear responsibility for account access and regular password hygiene are basic but critical defences that are often overlooked, both by individuals and businesses. "By getting these foundations right, we can shut scammers out before they get in," Tan asserts.

The exploitation of personal information is another concern attracting expert scrutiny. Andrew Black, Managing Director of ConnectID, advocates for a significant reduction in the volume of personal data shared and stored across online platforms. He refers to the latest statistics indicating that 21.9% of Australians were affected by identity crime or misuse last year, a stark illustration of the risks associated with oversharing. "When scammers get a hold of a driver licence, passport, or bank statement, the damage can be even greater," Black says. He believes that 'data minimisation' – sharing only the minimum necessary details, rather than broad personal information – must become standard practice, both for consumers and for organisations seeking to limit the impact of identity-related scams.

The sophistication of scams today, often made possible by AI, also means trusted contacts and familiar messages are not always what they seem. Erich Kron, Security Awareness Advocate at KnowBe4, notes recent research showing that 98% of phishing clicks came from internal emails or trusted senders. "Threat actors are constantly stepping up their game," Kron warns. He advocates for the cultivation of a security culture that is maintained year-round, where individuals are regularly updated and trained to spot the newest scam tactics. "By maintaining high awareness, organisations can empower their people to be their first and best line of defence," he suggests.

The prevailing message from security experts this Scam Awareness Week is that vigilance is everyone's responsibility. As scammers become more adept at using advanced technology and manipulating human psychology, the strongest defence will be a combination of continuous education, clear security processes, intelligent tools and a commitment to data minimisation. Protecting Australians – and Australian businesses – from scams requires collaboration between individuals, organisations and policymakers, each determined to stay one step ahead in an environment where the stakes are rising with each innovation.