Cybercrime may be a battle we are destined to lose, says Deakin expert

Damien Manuel, Director of Deakin University's Centre for Cyber Security Research and Innovation, said the risk had increased from one in four Australians only a few years ago, as cybercriminals find more creative ways to hack through our digital defences.

"Australians lost more than $10million to scammers last year and cybercrime appears headed in one direction," Mr Manuel said.

"Everyone has a story about a relative, parent or child who has been a victim of digital crime, through a phone or email scam, a malicious website or attachment like ransomware. Last week we saw a number of hospitals and patients impacted across Victoria."

This year Stay Smart Online Week, running from 7-13 October, continues its theme of 'Reverse the Threat' of cybercrime, empowering Australians to take control of their online identity by reviewing privacy settings, learning how to spot phishing scams, creating strong and unique passwords, and turning on two-factor authentication.

"Human beings are susceptible to scams. As curious, social animals, we are often more trusting than we should be," Mr Manuel said.

"When we are connecting with people by phone, over the internet or by email, we don't see body language cues that we normally use to assess risk in people we don’t know. It is also easy for scammers to use fear to get people to become compliant and follow instructions and orders, such as looking like the tax office or police.

"They manipulate our anxieties and then force us to make decisions fast without thinking through the consequences. Emails or SMS messages that require urgent action are often a warning sign to consumers, especially if these items contain links."

Some examples include:

• being asked to pay unexpected fines or invoices or risk going to jail;
• being asked by a government agency to login to update details, and links are provided in the email;
• being directed to an urgent action to prevent fraud on an account (typically Apple, eMail or bank account); and
• logging in to a cloud service to access a document from an unknown person.

Mr Manuel said it was important for people to be more cautious with people they encounter online.

"Don't open attachments from people you don't know and remain suspicious when you hear from people you do know. It is very easy to attack someone via email as malicious codes can be buried in photos, PDFs or attached documents," Mr Manuel said.

"If you don’t need to open something, don't open it. If someone calls and pretends to be from the ATO, Telstra, Optus, or so on, ring them back, but use details from an old bill or directly from their website."

Mr Manuel’s podcast Cybercrime…Is this the battle we are destined to lose? has been published as part of Deakin's new disruptr podcast series and can be downloaded here.