Recent government reports hint at the scale of Australians’ fraud losses, but are Australians themselves aware of the risks? Eftsure research points to “yes.”
Of the Australians surveyed, we found:
- 52% have experienced a financial fraud attempt in the past 12 months
- 62% feel more at risk now than they did a year ago
- 83% are concerned about AI-assisted scams
- 90% believe AI-generated fraud is harder to detect than the scams that came before it
That's just the awareness picture, though. And, on its own, it’s encouraging that Australians recognise the growing risks.
The harder finding sits underneath it: the people most exposed to fraud at work don't feel equipped to deal with it, the tools to help them are largely absent, and a quiet problem with workplace hierarchy is making payment fraud easier to land than it should be.
For Australian CFOs, finance directors and AP managers, this is the story to pay attention to.
What the official data is saying
The Eftsure findings line up with what the agencies tracking fraud are reporting.
The National Anti-Scam Centre's latest Targeting Scams report found Australians lost a combined $2.18 billion to scams last year, up 7.8% on 2024. Payment redirection scams (better known as business email compromise, or BEC) were one of the only top-five categories to record a year-on-year increase, climbing 9.3% to $166.8 million. Phishing losses grew 15.5% to $97.6 million, and 65,361 phishing reports were lodged with Scamwatch alone, making it the single most reported scam category in the country.
Globally, the picture is the same. INTERPOL's Global Financial Fraud Threat Assessment 2026 puts global fraud losses at $442 billion in 2025, with 73% of business leaders saying they have already been affected and 77% reporting rising exposure. INTERPOL rates the outlook as HIGH, with significant escalation expected over the next three to five years.
Both reports include the same caveat, and it's worth repeating: the published figures are conservative. Many incidents never get reported through any single channel, small businesses in particular tend to absorb fraud quietly across multiple reporting routes, and the true cost is almost certainly higher than the headline numbers suggest.
What Australians are telling Eftsure they're worried about, in other words, is the same thing the agencies are seeing in the data, and the data is the floor rather than the ceiling.
Awareness is high, but confidence isn’t
The fraud experience is widespread among the Australians surveyed. The most common types they encountered in the past year include:
- Phishing emails or text messages: 48%
- Bank or credit card fraud: 32%
- Social media scams: 28%
- Fake invoices or payment requests: 25%
These aren't fringe events. They are the everyday backdrop to running a business in Australia, and the official data tells the same story at scale.
But awareness isn’t the same thing as preparedness. Only 21% of respondents say they feel well informed and confident in identifying scams. Half (50%) say workplace guidance on fraud exists but is unclear or infrequent, and the same proportion say they know the basics but feel scams are getting harder to spot. AI is the reason. Synthetic voices, deepfaked video, faultlessly written impersonation emails: the cues people were trained to look for have gone, and the training itself hasn't caught up.
INTERPOL's read is consistent: the global report finds that AI-enabled fraud schemes are up to 4.5 times more profitable than traditional methods, with voice cloning now possible from as little as 10 seconds of audio. The economics have shifted in the attacker's favour, and the gap between the threat and the average employee's training is widening.
David Higgins, Eftsure's Chief Technology Officer, described the same shift when discussing the survey results recently. Fraudsters, he said, are "now so much better at actually being able to get around the safeguards that we all have in there… [using] AI and other methods out there to infiltrate suppliers and then send those scam emails to companies that look really, really convincing."
That's the experience Australian finance teams are describing, restated from the other side of the inbox.
If staff feel unsure, the obvious response is to give them better tools. The research says that hasn't happened in Australian workplaces:
- Fifty-five percent of Australian workers have not been introduced to any fraud prevention tools at work
- Forty-five percent say the information they do receive is limited or unclear
- Just 22% say practical tools have been introduced clearly, with worked examples
That gap matters because fraud now hits in places where human judgement alone is unreliable. A finance team trying to catch a manipulated bank detail change with a manual eyeball check is trying to stop an AI-assisted actor on a very uneven playing field. Training is far more useful when the team has tools in front of them that flag risk at the moment of payment, not days later in a reconciliation report.
The structural shift visible in the National Anti-Scam Centre data reinforces the point. Losses through online contact methods reached $158.5 million in 2025, up 21.8% on the prior year, while phone-based losses fell 32%. Fraud is moving into the digital tools staff already use every day: email, supplier portals, messaging apps. Controls built for an earlier era of phone-based scams aren't where the loss is happening anymore.
Even the back-up checks staff fall back on are wearing thin.
Higgins made the point bluntly: "It doesn't take that much work to find the tools to fake a voice. So if it's someone that you may be familiar with that you've just spoken to… [criminals are] getting even more sophisticated."
The leadership and hierarchy problem
One of the results we found most concerning sits at the leadership level:
- Only 19% of respondents say their senior leaders understand fraud very well
- 55% say leadership awareness exists but lacks depth
- 20% say leadership's understanding has not kept pace with how fraud is evolving
That perception is matched by what's happening inside the payments process. Thirty-two percent of employees say they feel pressure to process payments quickly. Nineteen percent say workplace hierarchy makes it specifically difficult to challenge a request from a senior person. Only 25% feel comfortable questioning a payment request from a senior executive.
Three out of four Australian workers, in other words, are more likely to push a payment through than ask the question. That's exactly the dynamic that AI-assisted impersonation scams are built to exploit, particularly CEO fraud and invoice redirection. It's also the finding industry coverage of the survey has zeroed in on: when employees don't feel they can question a senior leader, organisational hierarchy stops being a management feature and starts being a control gap.
The global data backs this up. INTERPOL identifies BEC as the most frequently reported fraud type worldwide, and notes that attackers now combine compromised email with deepfake voice calls to validate fraudulent payment requests in real time. The Eftsure survey describes the cultural opening; the INTERPOL report describes how attackers walk through it.
What it means for Australian CFOs
Payment fraud is a finance problem before it is anything else. CFOs own the payments function and the financial risk that flows from it, which makes them the natural owners of the prevention strategy. Read more about why finance leaders are best-placed to lead their organisations’ anti-cybercrime strategies.
The Eftsure research and the official data point to three priorities for Australian finance leaders:
- Close the tooling gap. Most Australian employees aren't being given real-time fraud detection at the point of payment, and the point of payment is where the loss happens. Take a look at Programmed for a real-world example of how AP teams can incorporate these tools with minimal disruptions.
- Fix the cultural barrier to challenging payments. Approval processes that treat seniority as a reason to bypass controls are the single biggest gift to a modern fraudster. "Feeling comfortable challenging a payment" needs to be a baseline expectation, not a rare act of courage. See boilerplate templates that employees can use to push back on senior requests that may or may not be legitimate.
- Lift leadership fluency on modern fraud. Boards and executive teams reading three-year-old briefings on phishing aren't equipped to govern a risk that now includes deepfake video and AI-generated invoicing.
It's also worth holding onto the caveat sitting underneath both the National Anti-Scam Centre and INTERPOL numbers. Many incidents are never reported, and the published losses describe a floor rather than a ceiling. Whatever picture the headline figures paint, the real one is bigger.
Higgins frames the response as a control problem more than a technology one: "There are a lot of bad people out there who would love to break into our homes, but most people fortunately don't because we recognise that it's a problem and we take those steps to make sure that we secure ourselves… Here is a real big problem, but you can do something about it."
The Australians surveyed appear to be alert, worried and they want to do better. The next move belongs to the decision-makers who have the ability to equip them with better tools and processes.
Looking to take charge of your business's fraud defences? Download our anti-cybercrime strategy guide.
