Top 5 Online Scams in Australia to Watch Out for in 2025

Cyberlutions Team • July 15, 2025

In 2025, as technology continues to advance and our reliance on online platforms grows, cybercriminals have become more sophisticated in the way they target their victims around the world.


And Australia is no exception.


According to recent data from Scamwatch, ReportCyber, AFCX, IDCARE, and ASIC, combined reported losses to scams in 2024 totalled $2.03 billion.


While many people remain cautious online, scammers are constantly finding new ways to scam that even the most tech-savvy users may fail to spot. That’s why it is more important than ever to stay informed about the latest tactics utilised by scammers and learn how to protect yourself.


Today we'll be listing what are arguably the top 5 online scams that Aussies need to be wary of.


This list is based on an investigation by National Australia Bank (NAB), which identified the common online scams based on customer reviews and societal issues.


Let's get started.


Top 5 Online Scams in Australia in 2025


According to NAB, the top 5 online scams in Australia to watch out for in 2025 are:


1. AI-Generated Scams

The growing use of free or low-cost generative AI tools has opened new ways for cybercriminals to manipulate their victims more realistically.


One of the most concerning threats is the use of deepfakes: manipulated images, videos, and audio. Deepfakes can be hard to spot, so they are often used to promote fake investment opportunities or products on social media.


In more disturbing cases, cybercriminals also use AI to generate ‘nudified’ images sourced from the victim’s social media, which can further be used for sextortion.


“While we haven’t had any reports of our customers being impacted by sextortion using AI-generated images, we’re watching this issue overseas, given sextortion can have devastating consequences,” NAB’s Executive, Chris Sheehan, said.


Warning Signs Associated With Deepfake Scams


The most obvious warning signs of deepfake scams are: poor quality, unnatural, or robotic video and audio; a sudden change in the usual tone or grammar from a known contact; a request that circumvents standard procedures; and no verifiable contact details.

These signs point to potential fraud or malicious intent, especially in professional or financial contexts.


How to Protect Yourself from Deepfakes?


Protecting yourself from deepfake-related scams requires smart habits:


  1. Set your social media profiles to private and review all the friend requests before accepting.
  2. If someone threatens you about releasing your images, immediately stop all contact and report the matter to the eSafety Commissioner.
  3. Use tools such as Sensity AI, Microsoft Video Authenticator, or Reality Defender to detect deepfake media.
  4. Never act on emotionally charged or urgent requests without verification.


This way, you can protect your privacy and reduce the risk of falling victim to manipulation.


2. Cryptocurrency Investment Scams

The increasing popularity and lack of regulation across cryptocurrency have provided scammers with an additional advantage.


Fraudsters trap victims with a promise of guaranteed high returns on crypto trading platforms.


Many of these platforms are fake or operate under “rug pulls” (where developers promote a coin or token, withdraw all the liquidity or funds, and leave the investors with worthless tokens).


Other tactics include pump-and-dump schemes and Ponzi-style investment communities.


As a victim, you may see small profits in the beginning, and you may even be able to withdraw them. However, when you attempt to withdraw a larger amount, you run into fees, tax issues, or a locked account.


Note: One interestingly manipulative way attackers get investments is through “Pig butchering.” In this type of fraud, the scammer builds a fake online relationship with the victim over weeks or months to gain trust. Once the trust is established, they convince victims to invest in phony cryptocurrency platforms, and then suddenly disappear with the funds.


Who Is Targeted in Cryptocurrency Frauds?


The most common targets include older Aussies who may not be familiar with digital currency and tokens, and younger people who are looking for easy money or chasing quick wealth.


Warning Signs of Crypto Investment Scams


The major red flags to look for are the promise of guaranteed returns or zero-risk investment. Remember, these terms would never be used by an authentic financial advisor.


Another warning sign is the urgency to invest as quickly as possible, often using FOMO (fear of missing out) tactics such as, “Invest now or you may miss a huge opportunity.”


Finally, be cautious if the crypto platform is one you have never heard of or if it lacks transparency.


Any of these signs is a strong indication to pause before committing your money.


How to Stay Safe from Fake Crypto Schemes?


To stay safe from fake crypto schemes:


  1. Use trusted platforms and check ASIC’s investor alert list, which includes suspicious platforms, companies, and businesses.
  2. Find the cryptocurrency exchange registration number on its website and confirm that the platform is registered with AUSTRAC (Australian Transaction Reports and Analysis Centre).
  3. Confirm that the person you are talking to holds an Australian Financial Services (AFS) licence.


These precautions help you secure your investments.


3. Bucket List Scams

Scams tied to “once-in-a-lifetime” experiences are on the rise, targeting people who are looking to fulfil their bucket list moments. These scams often involve fake travel deals with suspiciously low prices, counterfeit tickets, prize draws, and fraudulent charity donation requests.


In any case, the end goal of the cybercriminals is the same: to manipulate you into sending money or sensitive information.


Target of Bucket List Scams


In bucket list scams, scammers specifically target those people who have good intentions and want to save money.

The most common targets are travellers hunting for last-minute deals, people looking for giveaways or prize draws, and Australians who are willing to donate to emergency relief funds.


Always verify the source and legitimacy of any offer before sharing personal information or making payments.


Common Signs That Warn About Bucket List Scams


Several indicators that signal something might not be right include a request for a payment or donation through unusual methods, such as cryptocurrencies, gift cards, or wire transfers.


Another red flag is receiving a prize notification that typically asks for “processing fees” or personal information.


Stay alert — if a deal or offer seems too good to be true, it probably is.


How to Protect Yourself?


To stay safe:


  1. Always book tickets through licensed agencies.
  2. Avoid deals that seem suspiciously cheap.
  3. Before donating, confirm the authenticity of the charity through the Australian Charities and Not-for-profits Commission (ACNC).
  4. Check the seller’s reviews and online presence.
  5. Do a reverse image search to detect reused or stolen images.


Being cautious can save you from unnecessary loss and disappointment.


4. Remote Access Scams

A remote access scam is a more sophisticated form of scamming. It often starts with an unsolicited phone call from someone impersonating a bank, tech support, or a government agency.


The scammers usually call or message unexpectedly, insisting your device is compromised by a virus. They then instruct you to install an app or software to resolve the problem, which gives them remote access to your computer.


Once they gain access, they immediately steal your personal data, directly access your accounts, or install malware on your system.


Who Scammers Target in Remote Access Scams


Older people and non-tech-savvy users are frequently targeted in remote access scams due to their limited familiarity with digital systems, making them more vulnerable to deceptive tech support tactics and convincing-sounding instructions from scammers posing as legitimate professionals.


Warning Signs of a Remote Access Scam


The clear warning signs that help you identify remote access scams are being contacted about a problem — especially when you haven’t reported one — and receiving a request to install unfamiliar software or share your login credentials.


If something feels off, trust your instincts and disconnect immediately.


How to Protect Yourself?


Follow these simple steps to stay safe:


  1. Never allow remote access to your device unless you have personally initiated a support request.
  2. Always verify the organisation by calling directly using their official customer service number.
  3. Protect your device using a reputable antivirus.


Being cautious with access and verification keeps you secure from these scams.


5. Phishing Scams

You may have heard about this a lot of times before, as it is one of the most common online threats.


In phishing scams, scammers send convincing emails or text messages that impersonate trusted organisations such as banks, Australia Post, or government services like myGov.


The purpose of these messages is merely to convince the victims to click on malicious links or download infected attachments.


Unlike before, scammers are now using AI tools to copy the tone, style, and pattern of real employees or your loved ones, which makes these attacks harder to spot.


Warning Signs of Phishing Scams


While phishing is continuously evolving, there are common red flags you can look for. These include unexpected contact through phone calls or text messages, poor English or grammatical mistakes in the message, and unusual or misspelled URLs. Scammers often create a sense of urgency to make a payment, using threats or time-sensitive language such as, “Your account has been locked.”


If you notice any of these signs, pause before taking any action.


Protecting Yourself from Phishing Attacks


To protect yourself from phishing scams:


  1. Know that banks will never ask for sensitive information through a phone call or text message.
  2. Always enable multi-factor authentication.
  3. Never click on links or download attachments from unknown or suspicious sources.


If you do fall victim to an attack, there are some things you can do to minimise the harm.


What to Do If You’re Scammed?


Discovering you've been scammed can be stressful, but taking quick and informed action can help reduce the damage and improve your chances of recovery.


1. Immediate Steps


If you notice any suspicious activity, acting quickly can make all the difference.


Start by contacting your bank or service provider immediately to report the issue and freeze your accounts. Also, ask them to reverse any unauthorised transactions. Then, change all the passwords associated with the compromised account.


These initial steps limit the damage and prevent further loss.


2. Report to Authorities


Immediately after contacting your bank or financial institution, you should report the incident to the bodies that deal specifically with scams.


  1. If you have been targeted by a scammer, but haven’t yet made any payment or transferred personal information, report it to Scamwatch.
  2. For incidents involving hacking, phishing, or data theft, report it to ReportCyber (managed by the Australian Cyber Security Centre).
  3. If your identity has been stolen or sensitive data has been compromised, IDCARE supports you and helps you make your identity secure again after being scammed.


Taking action and reporting to the agencies not only helps you recover but also protects others from similar scams.


Conclusion


With the advancement in technology, cybercriminals have developed new and more convincing ways to target their victims.


While most people stay cautious online, it is still common for individuals to fall victim to sophisticated scams. Therefore, it is important to understand the latest tactics used by the fraudsters.


AI-driven deepfake images, videos, text messages, and audio are at the top, as they can be harder to spot. Fake investments or offers that seem too good to be true are another way to lure the victims and steal their money.


Remote access scams and phishing often involve impersonation and can easily catch people out. Understanding all these tactics helps you stay ahead of the scammers and protects you from financial and personal harm.


Thanks for reading.
