Australians are losing tens of millions of dollars to increasingly sophisticated scams, with criminals now posing as trusted authorities and even “rescuers” to gain access to bank accounts and cryptocurrency wallets.

New intelligence from the Joint Policing Cybercrime Coordination Centre (JPC3) reveals fraudsters are deploying elaborate tactics to bypass security measures, including mimicking bank hold music and staging coordinated “tag-team” phone calls to trick both victims and financial institutions at the same time.

In one case cited by authorities, a victim lost $350,000 in cryptocurrency within 18 hours after being convinced their digital wallet had been compromised. The scammer, posing as a representative of a legitimate crypto provider, urged the victim to act quickly to secure their funds—only for the money to be siphoned offshore.

Law enforcement says this approach—where scammers present themselves as helping to prevent fraud—is becoming increasingly common across both banking and cryptocurrency sectors.

Figures from the National Anti-Scam Centre show Australians reported losses of $97.6 million to phishing scams in 2025, up from $84.5 million the previous year. These scams typically involve criminals impersonating trusted organisations such as banks, law enforcement or financial advisers to extract sensitive information.

Australian Federal Police Detective Superintendent Marie Andersson said offenders were highly organised and often equipped with detailed personal data obtained through previous breaches. She said this information allowed scammers to establish credibility quickly and manipulate victims into disclosing further details or granting access to their accounts.

Authorities are also seeing coordinated operations where one scammer contacts a bank while impersonating the victim, while another simultaneously engages the victim posing as the bank. Information gathered in real time is then used to defeat security checks and create a convincing narrative.

Common tactics include claims of unauthorised transactions, locked accounts, or compromised devices requiring urgent action. Victims are often pressured to share one-time passcodes, approve transactions, install remote access software, or transfer funds to so-called “safe accounts”.

Detective Superintendent Andersson warned that any unsolicited contact from a bank combined with urgency should be treated with suspicion. She advised people to pause, verify requests independently using official contact details, and avoid clicking on links or sharing login credentials.

Commonwealth Bank executive James Roberts said impersonation scams were becoming more convincing, but noted that legitimate banks would never ask customers to disclose passwords, PINs or authentication codes, or to move money to another account for safekeeping.

Several case studies illustrate the scale of losses. One victim transferred $156,000 after being told to move funds into newly created “secure” accounts, while another lost nearly $200,000 after a scammer replicated bank procedures, including placing them on hold with fake audio.

Authorities are urging victims to report incidents promptly, stressing that scams can affect anyone and early reporting may help limit financial losses.

Support our Journalism

No-nonsense journalism. No paywalls. Whether you’re in Australia, the UK, Canada, the USA, or India, you can support The Australia Today by taking a paid subscription via Patreon or donating via PayPal — and help keep honest, fearless journalism alive.