How much money do Australians lose to payment fraud each year?

In 2024, Australians lost a combined $2.03 billion to scams across all categories, including payment redirection, investment scams, and business email compromise. Payment redirection scams alone accounted for $152.6 million.

What is the most common type of payment fraud in Australia?

Business email compromise (BEC) and payment redirection scams are the most common payment fraud types targeting businesses. BEC cost Australian businesses $84 million in the 2023-24 financial year, with an average loss of $55,000 per incident.

Do banks reimburse payment fraud losses in Australia?

Rarely. According to ASIC, 96% of scam losses are borne by the customer, not the bank. Only 13% of scam payments are detected and stopped, and only 2-5% of total losses are reimbursed by banks.

Which industries are most targeted by payment fraud?

Construction, retail, education, transport, professional services, and healthcare are the most targeted industries. The AFP has issued specific warnings about BEC scams targeting the construction sector due to high-value transactions and frequent invoicing.

THE PROBLEM

$2.03 billion lost to payment fraud. Every year.

The latest Australian payment fraud data, sourced from official reports and industry research. Here's what your business is up against.

Protect Your Payments See The Solution

$2.03B

Total scam losses

Combined Australian losses in 2024

Source: NASC Targeting Scams Report, 2024

$152.6M

Payment redirection fraud

Up 66% from the previous year

Source: NASC Targeting Scams Report, 2024

96%

Losses borne by victims

Banks reimburse just 2-5% of losses

Source: ASIC Report 761, 2023

Here's what the data says

Business Email Compromise (BEC)

BEC is the #1 cyber threat targeting Australian businesses. Scammers compromise or impersonate email accounts to redirect payments to fraudulent bank accounts.

$84M

Total BEC losses in FY2023-24

ASD Annual Cyber Threat Report

$55K

Average loss per BEC incident

ASD Annual Cyber Threat Report, FY2023-24

+138%

Increase in BEC losses for large businesses

ASD Annual Cyber Threat Report, FY2024-25

1,400+

BEC reports with financial loss in FY2023-24

ASD Annual Cyber Threat Report

The cost of cybercrime by business size

The average cost of cybercrime is rising across every business size. No one is too small to be a target.

Small Business

$56,571

+14% year-on-year

ASD Annual Cyber Threat Report, FY2024-25

Medium Business

$97,166

+55% year-on-year

ASD Annual Cyber Threat Report, FY2024-25

Large Business

$202,691

+219% year-on-year

ASD Annual Cyber Threat Report, FY2024-25

Recovery is almost impossible

Once money leaves your account through a fraudulent payment, the chance of getting it back is almost zero. Prevention is the only reliable strategy.

96%

of scam losses are borne by the victim

Banks do not reimburse the vast majority of fraud losses. The money is your problem.

Source: ASIC Report 761, 2023

13%

of scam payments detected by banks

Banks catch roughly 1 in 8 scam payments. The other 7 go through.

Source: ASIC Report 761, 2023

of victims globally recover their money

Once a fraudulent payment clears, recovery rates are near zero worldwide.

Source: GASA / Feedzai Global State of Scams, 2024

<5%

of total losses reimbursed by banks

Individual Australian banks reimburse between 2% and 5% of scam losses.

Source: ASIC Report 761, 2023

AI is making payment fraud worse

Deepfakes and AI-generated emails are making fraud harder to detect. The old methods of "call them to check" won't work when the voice on the phone is fake too.

20%

of Australian businesses received deepfake threats in the past 12 months

Mastercard, 2024

+257%

increase in global deepfake incidents year-on-year

Deepstrike, 2024

$25M

lost in a single deepfake attack (Arup, Hong Kong, 2024)

Multiple sources, Feb 2024

Most targeted industries

Some industries are hit harder than others, but no sector is immune. If your business processes payments, you're a target.

Construction

High-value subcontractor payments and frequent invoicing make construction a prime BEC target. The AFP issued a specific warning in 2024.

Professional Services

Trust-based supplier relationships and regular invoice cycles create opportunities for email impersonation and fake invoice scams.

Healthcare

102 data breaches in the second half of 2024 alone. Ransomware incidents doubled in FY2024-25. Compliance requirements add complexity.

Government

Public money, procurement rules, and large payment volumes make local and state government a high-value target for fraud.

Education

Universities process payments to thousands of suppliers. The University of Queensland found $3.5 million in duplicate payments.

Retail & Transport

High-volume payment processing across multiple suppliers, warehouses, and logistics partners creates attack surface.

Sources: ASD Annual Cyber Threat Report FY2024-25, AFP Media Release 2024, NASC Targeting Scams Report 2024

Prevention is the only strategy that works

Banks won't catch it. Recovery is near impossible. The only reliable protection is verifying every payment before money leaves your account. That's exactly what ezyshield does.

Book a Demo Learn More

$2.03 billion lost to payment fraud. Every year.

Business Email Compromise (BEC)

The cost of cybercrime by business size

Recovery is almost impossible

AI is making payment fraud worse

Most targeted industries

Construction

Professional Services

Healthcare

Government

Education

Retail & Transport

Related content

Payment Fraud Prevention Guide

Payment Redirection Fraud

Business Email Compromise

Fraud Statistics 2025

Prevention is the only strategy that works