Australians are reaching out to the nation's Cyber Crime Reporting program more than ever, but there are still many incidents that go unreported.
According to head of the Australian Cyber Security Centre (ACSC) Rachel Noble, since her organisation assumed responsibility for what was previously known as the Australian Cybercrime Online Reporting Network (ACORN) on July 1, it has received about one report every 10 minutes.
"There's someone in Australia telling us that something has happened to them and the amount of financial loss is ticking up into the billions, probably, estimated every year just for Australians," Noble told the University of New South Wales (UNSW) and CommBank Australian Cybersecurity Education Summit on Friday.
She said there is still a large number of people that are not reporting cybercrime, saying that unlike a physical item being stolen, data still remains, and it is visible and still usable by its owner.
"If someone snatches your purse on the street, you know it's gone, but someone can steal your data and it's still there," she said.
"Imagine those who don't [report it] -- the number is much bigger than we can really get our heads around."
She said the ACSC is witnessing an "enormous" amount of activity in that space, saying it is "mind-boggling".
ACORN was launched in 2014 by the federal government as a way for Australians to report a vast array of online criminal activities.
In a discussion paper published earlier this month by the government, who sought feedback in regards to a new cybersecurity strategy for the nation, it was highlighted that AU$2.3 billion was stolen by cybercriminals from Australian consumers in 2017; while a total of 53,474 reports were received by ACORN in the 2017-18 financial year, and another 64,528 in 2018-19.
It was also revealed that at least AU$2.1 billion per year is the estimated economic impact of identity crime in Australia.
"Human behaviour is the most significant weakness exploited in cybercrime," the discussion paper said. "Successful attacks often rely on an end-user's lack of cybersecurity understanding, using methods such as mass phishing email campaigns, as well as the more targeted attacks such as spearphishing or whaling."
Under the Notifiable Data Breaches scheme from April 2018 to March 2019, 964 data breach notifications were also made -- 60% of which were malicious or criminal attacks.
Noble was appointed head of the ACSC in June this year.
The ACCC's Scamwatch website has received more than 8,000 reports of remote access scams so far this year.
A report from Australia's consumer watchdog found many locals got caught up in 'pyramid' cryptocurrency schemes last year, hoping to capitalise on the 'success' of bitcoin.
Instead of requesting money from victims, romance scammers are now tricking partners into relaying stolen funds.
Not all online crimes are equal in their impact.
Business email compromise attacks have led to billions in fraud losses in recent years, according to a Barracuda report. Here's how to avoid them.