As we near the end of 2025, the scam landscape has delivered some sobering lessons that demand urgent attention from Australian financial institutions and regulatory bodies. Sadly, the numbers tell us a story of criminal evolution. While scam reports decreased by 24% in the first half of 2025, losses increased by a staggering 26% to $174 million. This may indicate that criminals are shifting from high-volume, low-effort scams to more targeted, high-value attacks extracting greater financial harm from fewer victims.

This is not merely a statistical curiosity. It reflects the uncomfortable reality that, as institutions harden their defences, criminals adapt in parallel. As Australia prepares for 2026, understanding these shifting dynamics will be essential for protecting customers, rebuilding trust, and strengthening the integrity of the financial ecosystem.

The Sophistication Revolution: Quality Over Quantity

One interpretation of the 2025 trend is that scammers may be transitioning away from the traditional “spray-and-pray” approach toward attacks that are more calculated and resource-intensive. Although total reports declined, a greater proportion resulted in actual loss. This could be an early signal of increased precision, stronger deception techniques, or evolving scam typologies.

However, these patterns must be understood in context. Scam losses are heavily influenced by seasonal typologies, such as investment scams which consistently produce disproportionately high losses even when overall volumes fall. The statistics often reflect not just criminal choices but the cyclical popularity of certain scams during particular periods.

Where there is growing consensus, however, is in what lies ahead. As the Scam Protection Framework (SPF) and new telecommunications controls roll out in 2026, many low-effort scam vectors will become significantly less viable. In response, criminals are likely to lean further into higher-value, targeted scams, exploiting tools such as deepfakes, social engineering automation, and account-takeover techniques that bypass traditional detection methods.

We are already seeing early signals of this shift through increasingly realistic impersonation attacks, multi-channel social engineering, and more curated victim targeting.

Vulnerable Populations Bear Disproportionate Impact

2025 also highlighted the uneven burden scams place on Australia’s most vulnerable communities. Individuals who speak English as a second language experienced a 44% increase in scams resulting in financial losses, while First Nations Australians faced a 55.3% increase. These disparities point to deliberate targeting behaviour from scammers who exploit language barriers, cultural nuances, lower digital fluency and reduced access to trusted financial education sources.

This is not simply a cyber security issue, it is an equity issue. Generic awareness campaigns are not enough. Targeted interventions, community-specific education programs, and multilingual support infrastructures will be essential to closing this gap.

The Platform Weaponisation Strategy

With 46% of Australians spending 1–4 hours daily on their phones and a further 27% spending 5–8 hours, scammers have adapted their craft to the platforms people trust and use most. These predictable usage patterns create vast, attractive attack surfaces.

Criminals in 2025 increasingly weaponised everyday digital platforms: social media, messaging services, e-commerce interfaces and mobile-optimised scam sites. Shopping scams alone produced more than 6,300 reports involving financial loss and is the highest of any scam type, exploiting familiar branding, seasonal shopping behaviour and platform convenience expectations.

Cryptocurrency scams have evolved in parallel. Criminals have deployed hybrid models that mirror traditional bank-impersonation workflows but ultimately divert victims into crypto extraction funnels. This convergence of scam and fraud techniques signals a broadening threat environment that traditional bank controls were not designed to withstand.

As SPF-mandated telecommunications controls take effect in 2026, including mandatory sender-ID (CLI) registration, telco-level scam detection and systemic blocking of malicious traffic, many of the common low-friction entry points for scammers will weaken. But the pressure will also push criminal activity into more sophisticated and targeted vectors.

Strategic Recommendations for 2026 Preparedness

Where there is growing consensus, however, is in what lies ahead. As the Scam Protection Framework (SPF) and new telecommunications controls roll out in 2026, many low-effort scam vectors will become significantly less viable. Mandatory sender-ID (CLI) registration, telco-level scam detection and systemic message blocking will reduce the simplest attack paths that scammers have relied on for years.

In response, criminals are likely to lean further into higher-value, more targeted scams exploiting tools such as deepfakes, automated social-engineering workflows, curated victim profiling, and account-takeover techniques designed to bypass traditional detection methods. We are already seeing early signals of this shift through increasingly realistic impersonation attacks, multi-channel manipulation, and more deliberate victim selection.

Against this backdrop, institutions must look beyond awareness campaigns and instead prepare for a more targeted, technologically assisted, and psychologically sophisticated scam environment.

Implement Demographic Specific Defence Strategies

One-size-fits-all education programs are no longer effective. Institutions should deploy tailored interventions for high-risk groups, including multilingual warnings embedded directly into transaction flows, culturally adapted education through trusted community networks, and dedicated support options for elderly or digitally inexperienced users.

Establish Cross-Platform Coordination Mechanisms

The National Anti-Scam Centre’s coordinated initiatives, including the Romance Scams Fusion Cell, offer an important structural foundation. But meaningful protection requires institutions to move beyond information-sharing into shared operational defences, including unified reporting pathways, coordinated threat intelligence, standardised data-sharing protocols and cross-sector rapid-response mechanisms.

Shift from Awareness to Architectural Friction

Consumer awareness remains important, but 2025’s data suggests behavioural risk alone cannot be mitigated through knowledge. Architectural friction, embedded within system design, is essential.

This aligns with long-established security-by-design principles in cyber security, where workflows are deliberately engineered to protect users from unsafe decisions. Translating this to scams means embedding friction points, verification layers and contextual prompts directly into payment journeys, onboarding processes and digital interactions. The objective is not to slow down customers, but to design out avoidable risk.

Develop Behavioural Detection Systems

As scams diversify across channels, detection must evolve. Instead of relying solely on technical indicators, organisations should build behavioural and contextual models aligned to the specific scam typologies relevant to their services. This may include unusual payment behaviour, cross-channel inconsistencies, customer-journey deviations, or metadata anomalies.

The aim is not to detect everything in the same way, but to detect the scams that matter most within each organisation’s risk profile.

The Cryptocurrency-Banking Convergence Challenge

The emergence of cryptocurrency scams that mirror banking fraud tactics requires institutions to develop cross-institutional protocols with cryptocurrency exchanges, standardised wallet verification systems, and enhanced monitoring for requests involving cryptocurrency conversion.

This convergence reflects broader trends in how fraud, scams, and money laundering intersect, requiring institutions to adopt more holistic approaches to financial crime prevention.

Looking Ahead: The Infrastructure Imperative

The fundamental shift required for 2026 is recognising that scam prevention is no longer primarily an education problem: it’s an infrastructure problem. Australian institutions must transition from asking “How do we teach people not to be scammed?” to asking “How do we design systems that make successful scamming substantially harder?”

This requires investment in detection systems that understand both technical and psychological attack vectors, architectural security that introduces friction at critical decision points, and coordinated intervention mechanisms that operate across the entire digital ecosystem where Australians conduct their financial lives.

The 2025 scam landscape has demonstrated that criminal sophistication is outpacing institutional adaptation. As we enter 2026, the institutions that prioritise infrastructure-based solutions over awareness-dependent strategies will be best positioned to protect their customers and maintain trust in Australia’s digital economy. The choice is clear: evolve our defences to match the evolved threat, or continue watching criminals extract increasing value from increasingly sophisticated attacks.

The fundamental shift required for 2026 is the recognition that scam prevention is no longer primarily an education problem … It is also an infrastructure problem.

The Scam Protection Framework (SPF) represents the most significant systemic uplift Australia has seen. Mandatory telco-level detection, sender-ID authentication, real-time blocking, and cross-platform verification will reshape the landscape. These measures will significantly reduce low-effort scams, but they will also raise the stakes: the scams that remain will be more deliberate, slower, harder to detect and more financially impactful.

Institutions should now ask not, “How do we teach people not to be scammed?” but rather, “How do we design systems that make successful scamming substantially harder?”

This requires investment in:

• detection systems that understand both technical and psychological vectors

• architecture that introduces meaningful friction at critical decision points

• coordinated mechanisms that operate across the entire digital ecosystem

• proactive alignment to SPF obligations and 2026 regulatory expectations

   

The 2025 scam landscape showed us that criminal innovation continues to outpace institutional adaptation. As we move into 2026, the organisations that prioritise systemic defences over reliance on consumer behaviour will be best positioned to protect their customers, and to maintain trust in an increasingly digital economy.

The choice is clear:

Evolve our defences to match the evolved threat, or continue watching criminals extract increasing value from increasingly sophisticated attacks.