The Cyber Sushi

(serving up the cold facts, with some phish bytes)

Welcome back! Here's what we are covering in this issue:

• Looking Back at 2025 & What’s Next
• CROC 2025 – Lasting Impact
• Behind the Mask: New and Trending Scams
• Ask Dr Lacey: "How can you tell if a website is real or fake?"

Looking Back at 2025 & What’s Next

Scammers are getting smarter, faster, and more ruthless—and 2025 proved it. Fake jobs, bogus online stores, and rental traps are on the rise, while AI, deepfakes, and multi-layered impersonation are making scams harder than ever to detect. Understanding their methods is no longer optional—it’s the only way to stay one step ahead.

Key trends from 2025
Online shopping, employment, and rental scams are all on the rise.
Together, these three scam types, saw a clear increase from last year.
Employment scams grew the most.
We saw a major surge, with scammers moving away from just social media and to propagate these scams:

• SMS job scams saw an explosive increase
• Fake job websites rose significantly

Rental scams remain lower in number but still increased this year.

Driver Licence (DVL) misuse
Scammers do sometimes use people’s driver licence details to commit fraud, however, even though the total number of scams went up, the misuse of driver licence information actually went down once we adjust for the overall increase in cases.

Looking Ahead: Scam Predictions for 2026

Scams are becoming more sophisticated and harder to spot. Here’s what we expect to see next year:

1. Multi-layered impersonation scams
Criminals are now impersonating multiple organisations in the same scam—police, banks, crypto platforms, government agencies—and even encouraging victims to report the incident to ‘authorities’ to make it feel legitimate.

One recent case involved fake police, a fake case number, and a follow-up call from someone posing as Coinbase support. The scammers worked together to pressure the victim into transferring their crypto.

2. Impersonation of IDCARE

• We’re seeing more scammers pretending to be us
• Fake emails claiming IDCARE can ‘recover crypto’
• Misused letterheads and fake ‘client numbers’
• Late-night emails from incorrect addresses
• Phone phishing pretending to be IDCARE ‘device cleaning support’ — one person lost $55,000

3. Use of AI and deepfake technology
AI tools are making scams more believable:

• Voice cloning to impersonate friends or family during social media account takeovers
• More realistic deepfake videos and audio, including tone, humour, and personality
• AI-generated sexual images used in sextortion scams

4. New payment and communication channels
Scammers are moving to less familiar platforms to avoid detection:

• Directing victims to other apps (i.e. gaming or finance apps) to make payments
• Using encrypted messaging apps and chatbots on fake websites
• Sharing QR codes to collect payments or personal information
• Increasing use of TikTok in propagating scams
• Evolving how they impersonate trusted brands like Australia Post and Vodafone—for example, sending a fake Australia Post delivery notice via a QR code on TikTok instead of the usual SMS

5. Travel visa scams on the rise
Cases jumped 76% in 2025. Fake visa services are aggressively targeting travellers heading overseas.

6. Relationship scams & investment scams

• Relationship scams have increased
• Investment scams continue to cause the highest financial losses, often using increasingly coordinated ‘astroturfing’ campaigns – fake online reviews that are made to look real to deceive people.

7. Threat-based scams becoming nastier
We’ve seen:

• Scammers falsely threatening to tell people’s contacts they are a ‘paedophile’
• Sextortion attempts using AI-generated images
• Personal information from social media used to intensify threats

8. Small business still a major target
We’re continuing to see scammers target small businesses through fake invoices, supplier impersonation, and account takeovers - deceiving businesses into paying money to scammers by pretending to be trusted suppliers or taking over business accounts.

9. Data breaches continue to fuel scams
Following major health-sector breaches and other incidents, scammers are using leaked personal information to tailor attacks and increase believability.

Final Thoughts
Scammers are more organised, more technologically advanced, and more convincing than ever. But the more we understand how they operate, the better we can protect ourselves.

CROC 2025 – Lasting Impact

In 2025, we re-launched the Cyber Resilience Outreach Clinics (CROC) under the banner ‘Lasting Impact’, focusing on building local champions in every community we visited. These champions keep the conversation going long after our clinics, sharing knowledge and helping protect their communities.

This year, we delivered 39 clinics, empowering nearly 900 Australians across Victoria, South Australia, New South Wales, and Queensland. Today, our network includes over 170 champions nationwide, who connect online bi-monthly to exchange insights and keep up-to-date with the latest scam trends.

A huge thank you to our sponsors, ANZ and Westpac, whose generous support makes this program possible and helps us reach communities across Australia with vital cyber resilience resources.

Looking ahead to 2026, we’re planning two major CROCs: one in the Pilbara region, WA, visiting several Indigenous communities, and another in the NT, covering Darwin, Alice Springs, and selected Indigenous communities in partnership with NT Neighbourhood Watch.

RAP Update

Since the endorsement of IDCARE’s Innovate RAP in May, we’ve continued strengthening our commitment to reconciliation. Insights gained through our Cyber Resilience Outreach Clinics over the past two years have deepened our understanding of the unique challenges Aboriginal and Torres Strait Islander communities face in relation to scams, cybercrime, and identity misuse.

We are focused on ensuring our responses are culturally informed, respectful, and inclusive, supported by ongoing cultural capability training and genuine community engagement. As we embed reconciliation across our organisation, we remain committed to working alongside communities and partners to improve protection, support, and awareness.

We have also engaged a local Aboriginal marketing specialist to help tailor our resources to be more culturally appropriate and “mob friendly.” These will be road-tested next year as we visit communities in the Pilbara, Darwin, and Alice Springs.

Behind the mask: The Guide to New and Trending Scams

Heading overseas for the holidays? Watch out for fake travel visa websites

Travellers are frequently targeted by fake websites posing as official portals for submitting digital arrival cards or travel visas. These sites often ask for credit card details multiple times and may never send the expected two-factor authentication codes. Victims risk having cards compromised and may also provide sensitive personal information, including passport numbers, full names, and addresses.

These scams typically catch people in a hurry. Many travellers Google “Malaysia travel visa” (or the relevant country) and click the first link that appears. While legitimate companies can pay for their ads to appear at the top of search results (usually labelled as ‘sponsored’), scammers can do the same.

The consequences can go beyond stolen credit cards. Some scams never issue a visa, meaning travellers may not realise they’ve been defrauded until they try to make travel arrangements. Others provide fake visas, which can cause serious issues at the border. In some cases, people only realise something is wrong when they see a much larger charge than expected on their bank statement.

Our Tips:

• Always go directly to official government websites for visas or arrival cards. For Australians, the official site is www.smartraveller.gov.au.  Don’t rely solely on search results.
• Check the website URL carefully: official sites often end in ‘.gov’ or the country-specific domain.
• Avoid entering sensitive information on public Wi-Fi or unfamiliar links.
• Enable two-factor authentication where possible.
• Monitor bank statements and credit reports for unusual activity.
• Report suspected fraud to your bank or financial institution immediately.

Ask Dr Lacey: "Can I get a virus from clicking a link?"

Have a Scam, Identity, or Cyber-Related Question? Ask Dr. David Lacey!
 
Having dealt with countless cases of scams, identity theft, and cybercrime, Dr. David Lacey is one of Australia’s most respected experts in the field. He is highly sought after by both government and industry for his unique insights into the online criminal environment. In this edition of The Cyber Sushi, Dr. Lacey is inviting you to submit your questions – and we (the Cyber Sushi team) will answer them. Send your questions to [email protected].

Our question today comes from Freya
Hi Dr Lacey,

I keep hearing that criminals open transactional bank accounts as part of their scams. What’s the purpose of doing this, and how does it help them?

Kind regards,
Freya

Answer:
Dear Freya,

Criminals open transactional accounts for one main reason: they need somewhere for victim funds to go - and they need to move that money fast.

These accounts allow scammers to receive funds and then shift them within minutes through multiple other accounts or overseas. Speed is everything. The faster they move the money, the less chance a bank can freeze it or a victim can recover it. That’s why they use accounts opened with stolen identities or through ‘money mules’ rather than their own.

Without quick, disposable transactional accounts, most scams simply wouldn’t work. They’re the key mechanism that lets criminals collect and rapidly disappear victim funds.

Best regards,
The Cyber Sushi team