News Daily


Men's Weekly

Australia

  • Written by The Conversation

It starts with a call from someone claiming to be your bank. They know your name. They know your bank. They even know your credit card number. There’s been “unusual activity” on your account, they say – and they just sent you a one-time passcode to verify your identity so they can assist.

You read out the code and feel reassured. Moments later, your funds are gone and the bank refuses reimbursement, citing a breach of terms because you voluntarily shared your passcode.

This is not a niche or isolated scam. It’s part of a growing pattern we’re seeing across Australia and beyond: cyber criminals are merging digital and real-world tactics in ways that make these frauds more convincing, harder to stop, and far more damaging.

It starts with stolen data

These scams don’t begin with a phishing email or fake app. They begin with data – your data – stolen in one of countless breaches, such as the latest Qantas incident that exposed the details of up to 5.7 million customers.

Sometimes the personal data has been sold through third-party data brokers. Names, phone numbers, emails, even card details are routinely leaked and traded online.

Once they have this information, scammers get to work. The phone call mimics a real interaction with a bank, perhaps with a spoofed caller ID. Victims are pressured in urgent language to “verify” their identity, often by reading out a one-time passcode that, unbeknownst to them, is authorising a transaction using their own card details.

We refer to this as a “convergence scam” – where online data leaks, psychological manipulation and weak enforcement come together. It’s a sophisticated hybrid of digital theft and physical-world exploitation, and it’s on the rise.

Devastating and personal

These scams are deeply personal and can be financially devastating. But what makes them even more alarming is the system-wide failure surrounding them.

For starters, many credit card fraud insurance policies contain clauses that exclude coverage when the customer “voluntarily” provides account credentials – including one-time passcodes – even if they did so under duress or deception.

One victim we spoke to lost nearly A$6,000 after a scammer posing as their bank prompted them to read out a passcode over the phone. The transaction was verified using that code, and the bank later refused to reimburse the loss.

In a formal response, the bank stated that by voluntarily sharing the one-time passcode, the customer had breached the epayments code, even though they were manipulated into doing so. As a result, the customer was held liable and ineligible for a chargeback.

Law enforcement may not help

Even when the criminals leave a physical trail, follow-up is rare. Law enforcement rarely investigates. In the cases we’ve seen, reports are acknowledged but not pursued. Officers don’t explicitly say the case is too small or not worth the effort, but their inaction suggests it, especially given how resource-intensive most cyber-crime investigations tend to be.

In many instances, particularly when the total loss isn’t deemed significant, victims are simply told to follow up with their bank, based on the assumption they’ll be reimbursed.

In one case we reviewed, stolen card details were used in-store at major Australian retailers such as Woolworths and Coles – indicating that a cloned card had been physically used. These purchases could, in theory, be tracked back to in-store CCTV footage. But no investigation was launched.

This reluctance to act, even when the evidence is tangible, sends a dangerous message: that scammers can operate with near-impunity.

Meanwhile, banks and regulators are slow to update verification systems. One-time passcodes are still widely used, even though scammers now exploit them routinely. There’s little recourse for victims, and minimal accountability for data brokers whose records fuel these scams.

What can we do to protect ourselves?

For individuals, the first line of defence is simple but vital:

  • never share a one-time passcode or security code over the phone, even if the caller seems legitimate
  • if in doubt, hang up and call the bank directly using the number on your card
  • be cautious about where and how you share your personal information, especially online through websites or social media. Only disclose what personally identifiable information you have to.

The true answer is systemic change

Banks and other institutions need to put into place stronger identity verification systems that don’t rely solely on SMS codes. We need greater transparency and regulation of data brokers.

Read more: 70% of Australians don’t feel in control of their data as companies hide behind meaningless privacy terms

Crucially, we also need active enforcement of cyber-enabled fraud, especially when there’s physical evidence, such as in-store purchases and CCTV footage.

Banks should also reassess their policies and procedures on how they communicate with customers. If scam calls closely mimic real ones, it’s time to change the script. More proactive education, clearer warnings, and redesigned verification processes can all help prevent harm.

The real danger of these convergence scams isn’t just financial loss. It’s the erosion of trust: in our banks, in our security systems, and in the institutions meant to protect us.

Once that trust is gone, it’s not easily recovered.

Read more https://theconversation.com/cyber-crime-and-real-world-crime-are-converging-in-a-dangerous-new-way-heres-how-to-stay-safe-260426

How to Bulletproof Your Contracts Against Disputes

In the business world, contracts are the backbone of transactions, partnerships and collaborations. Yet even well-meaning agreements can lead to disputes if they’re not carefully drafted by business contract lawyers. To avoid costly legal battles and protect your interests, it's... Read more

Top 5 Providers of SEO Focused Guest Posts in Florida You Can Trust

Many companies today aim to increase their online presence, which is a good use for guest blogging. In guest blogging, you compose content for the benefit of other websites that link back to yours. This promotes your business and increases... Read more

The Role of Litigation Lawyers in Brisbane

Litigation lawyers in Brisbane play a crucial role in the legal landscape, ensuring justice is accessible and efficiently administered for the clients they represent. They have expertise in handling disputes that may result in court proceedings, with their work encompassing... Read more

Edge Computing: Revolutionising Connectivity in the Digital Age

Edge computing is rapidly transforming how organisations process and manage data, bringing computational power closer to where it's most needed. In an increasingly connected world, Microsoft Azure services are at the forefront of this technological revolution, enabling businesses to leverage... Read more

What You Need to Know About Towing a Caravan

Towing a caravan can be an exciting way to explore Australia's vast landscapes, but it also comes with its own set of challenges. Whether you’ve just purchased a new caravan or are browsing caravans for sale, understanding the ins and... Read more

How to curb short-sightedness in kids

Kids should play outside more to reduce the risk of short-sightedness and potential adult blindnessWe are in the grips of a ‘myopia epidemic’: more than 20 per cent of Australians have myopia or short-sightedness, tipped to rise to 50 per... Read more