Skip to main content

COVID-19 cyber scams mount against Australians

Threat update: COVID-19 malicious cyber activity

Cybercriminals continue to target Australians through a range of COVID-19 themed scams, fraud attempts and deceptive email schemes, the Australian Cyber Security Centre (ACSC) has warned in a new threat update.

Since 10 March 2020 the ACSC has:

  • received more than 95 cybercrime reports about Australians losing money or personal information to COVID-19 themed scams and online frauds,
  • responded to 20 cyber security incidents affecting COVID-19 response services and/or major national suppliers in the current climate, and
  • disrupted over 150 malicious COVID-19 themed websites, with assistance from Australia’s major telecommunications providers, as well as Google and Microsoft.

The Head of the ACSC, Ms Abigail Bradshaw CSC, said the ACSC had observed malicious foreign cyber actors adapting their techniques and aligning their malicious activities within days – sometimes even hours – of government announcements such as relief payments or public health guidance.

“The Australian Cyber Security Centre (ACSC) is focused on protecting Australian families and businesses against cyber scams and compromises during the COVID-19 pandemic, and helping them to stay safe online,” said Ms Bradshaw.

“The Australian Signals Directorate has also used its offensive cyber capabilities to disrupt foreign cybercriminals responsible for malicious cyber activities exploiting the COVID-19 pandemic. We have stopped them from accessing their own systems and prevented them from accessing information they stole.”

The latest threat update includes eight case studies of cyber scams, online frauds and phishing campaigns and outlines mitigation strategies to combat them.

“I encourage all Australians to remain vigilant against the threat of cybercrime, and check our advisories at cyber.gov.au so you know what to look for and what to do,” Ms Bradshaw said.

For more information see Threat update: COVID-19 malicious cyber activity, 20 April 2020.

To report a cyber-security incident, email asd.assist@defence.gov.au or call 1300 CYBER1 (1300 292 371).

Date
April 20th, 2020