Social Engineering in Australia: A Case Study

Social engineering scams are on the rise in Australia, defrauding victims out of millions of dollars through manipulation tactics, according to Ruben Naiker, CFE. Naiker, who has more than two decades of experience as a forensic investigator, led a detailed presentation of social engineering cases in Australia during the 2023 ACFE Fraud Conference Asia-Pacific and described the variety of methods scammers are using to obtain sensitive information and money from unwitting targets.

Naiker cited figures showing that social engineering fraud drained AUD 286 million from Australia from January to June 2023. That's on pace to top the AUD 500 million that was lost last year.

Naiker dove into common scam methods within these cases:

  • Text/SMS Scams: Fraudsters send texts pretending to be from government agencies or businesses requesting personal information or payments.

  • Phone Scams: Callers impersonate tech support, government agencies or loved ones in need to elicit financial data or access to devices.

  • Email Scams: Fraudsters send fake invoices or pleas for help to get recipients to reveal passwords or make payments.

  • Social Media Scams: Scammers use social media platforms to distribute fraudulent investment opportunities or romance scams.

  • Website Scams: Malicious websites are designed to install malware, collect data or run other cons.

  • In-Person Scams: Fraudsters may pose as contractors or officials to gain access to homes and information.

Naiker said social engineering is a key technique in which scammers manipulate human psychology to build trust and prompt the release of sensitive data. These tactics include:

  • Pretexts: Creating fictitious scenarios to persuade victims.

  • Baiting: Leaving infected storage devices to be found and inserted into computers.

  • Quid pro quo: Offering a service or benefit in exchange for information.

  • Tailgating: Following someone into a secure building.

  • Trojans: Malware disguised as legitimate software.

Australia loses about AUD 40 million monthly to social engineering scams. Naiker made the point that many victims do not report fraud due to embarrassment or fear of being implicated in illicit activities.

The most common scams reported in Australia are phishing, false billing, online shopping fraud, identity theft and hacking. Scams frequently rely on phones, social media, email, websites and in-person contact.

Older Australians are the most targeted demographic, with those over 65 losing around AUD 70 million annually. According to Naiker, seniors in Australia tend to have more money and are less tech-savvy, making them vulnerable to phone scams in particular.

Naiker emphasized that scammers are constantly developing new tactics and finding fresh ways to manipulate potential victims. Education and awareness are critical to help the public recognize and avoid the latest schemes. He advocated destigmatizing fraud to encourage more reporting and collection of data to shine a light on how scams exploit vulnerable populations.
