Consumer fraud in Australia: costs, rates and awareness of the risks in 2008
Trends & issues in crime and criminal justice no. 382
Russell Smith and Carolyn Budd
Canberra: Australian Institute of Criminology, October 2009
Foreword | This paper examines the current evidence of the cost, extent of and awareness of consumer fraud in Australia. In 2008, the ABS found that approximately five percent of the Australian population reported being victimised by consumer scams, with personal losses reaching almost $1b. This paper compares the findings of the ABS survey with those gathered by the AIC during the annual fraud awareness-raising activities conducted by the Australasian Consumer Fraud Taskforce. In 2008, a self-selected sample of 919 respondents to the AIC’s online survey reported being victimised by a wide variety of scams, including those relating to fictitious lotteries, phishing scams, financial advice and other attempts to elicit personal information from respondents. Individuals from all age groups were targeted in these scams, with older Australians being victimised to a similar extent to those in their middle years. Armed with an understanding of the nature and scope of the risks, consumer protection and other regulatory agencies can tailor their fraud prevention activities to maximise their impact—therefore reducing the extent to which consumers take up offers which are too good to be true.
General Manager, Research
Each year, many Australian individuals and businesses are defrauded by criminals based both within and outside Australia. Technology has made it relatively easy to disseminate misleading and dishonest information, with potential victims now able to be targeted on a worldwide basis. Unfortunately, there is now clear evidence that fraud costs the Australian community $8.5 billion each year (Rollings 2008) and as this paper shows, consumer fraud comprises a considerable proportion of this.
Fraud is a diverse crime category that involves the use of deception to obtain some benefit. It can take a range of forms and affects government through loss of revenue, business through misappropriation of assets and individuals via consumer scams. Consumer fraud can be divided into four main categories, based on the methods of deception involved (see Grabosky, Smith & Dempsey 2001: 111):
- advance fee schemes—in which the offender pretends to sell something that does not exist while taking money in advance, or offers a large reward for which an upfront fee must be paid in order to access it
- non-delivery and defective products and services—in which the offender seeks to supply goods or services of a lower quality than the goods or services paid for, or fails to supply the goods and services at all
- unsolicited and unwanted goods and services—in which the offender persuades customers to buy something they do not really want through deceptive marketing techniques
- identity fraud—in which a benefit is gained, or obligations avoided, through the use of a fabricated, manipulated, or stolen/assumed identity.
Consumer scams have been defined as 'a fraudulent invitation, request, notification or offer, designed to obtain someone's personal information or money or otherwise obtain a financial benefit by deceptive means' (ABS 2008: 5).
Advance fee schemes, such as the notorious Nigerian email scams, are an example of consumer scams which are now prevalent. Further categories of scam types can be found in the Australian Competition and Consumer Commission's (2008) The little black book of scams. Consumer scams target potential victims via three different types of attacks: syntactic, semantic and blended methods (Smith 2008). Syntactic attacks involve exploitation of technical vulnerabilities such as the use of malicious computer code (malware) transmitted via email. Avoiding syntactic attacks requires continuous protection against constantly evolving malicious software. Semantic attacks involve the use of social engineering or the exploitation of human vulnerabilities to deception. For example, a fraudster may pretend to be a lawyer advising the victim of a windfall received under a will. Requests will be made for payments to cover fictitious court costs or duties which will then be stolen from the victim. Avoiding victimisation through semantic methods requires knowledge of the possibility of fraud on behalf of the victim and a willingness to avoid it. Blended attacks involve the use of technical vulnerabilities to facilitate social engineering. Phishing attacks, in which websites are fabricated with a view to tricking users into disclosing personal information online, are an example of a blended attack.
Protecting consumers against fraud is an ongoing challenge. Scams must constantly evolve in order to remain viable money-making schemes for perpetrators. As fraud relies on successfully deceiving victims, the format of the scam must continually change so as to secure victims who may have become aware of existing typologies.
As the content of scams changes over time, so too does the method of delivery. The development of new technologies has been identified as a key factor in the expansion of consumer fraud (Choo, Smith & McCusker 2007). The advent of the internet and email in recent decades has facilitated 'spamming', where email scams are sent in bulk to countless recipients simultaneously in locations around the world. The ease in which these scams can be distributed helps to create an ever growing pool of potential victims and also creates greater opportunities for organisation and networking between groups and perpetrators of fraud.
Prevalence and victimisation rates
There are a multitude of problems with defining, measuring the extent of and calculating the cost of fraud. Some of the general problems with measuring fraud were outlined by Mayhew (2003) and these issues are relevant for consumer fraud. The range of acts that constitute fraud make reliable estimates of prevalence difficult to generate, as does the large portion of unreported or unidentified fraud, described by Mayhew (2003) as 'hidden fraud'. Incidents can remain 'hidden' because the deception is so central to the fraud that incidents are not always discovered by victims.
It can also be difficult to estimate financial losses from fraud, both for victims and authorities (Mayhew 2003). Due to the variety of fraud offences and variation in the size and type of fraud incidents, it is also difficult to estimate the cost of unreported fraud. Even when fraud is known to have occurred, it is not always possible to uncover or estimate the full extent of loss.
The different definitions used to describe what constitutes fraud also make comparisons of estimates difficult, as while research may focus on 'fraud', different studies may not necessarily be researching the same types of incidents.
There is also no uniform method for collection of data on consumer fraud in Australia and data collected by individual agencies or organisations are used in varying ways depending on the needs of collecting bodies. This makes comparing different figures collected on fraud problematic.
Previous research into consumer fraud has generated differing results about consumer fraud exposure and victimisation. Overseas, Titus, Heinzelmann and Boyle (1995) found that 58 percent of people had received a solicitation for fraud in their lifetime, while 31 percent had been exposed in the previous 12 months. Of the total sample, 15 percent had been victimised by some type of personal fraud in the previous 12 months (48% of those who had an attempt made). Similar results were found by Van Wyk and Mason (2001), with 57 percent of their sample of 400 adults in an American county receiving a fraud invitation and 46 percent of those becoming a victim.
In 2004, the Federal Trade Commission (FTC) in the United States found that 11 percent of adults were victims of consumer fraud in the previous year. Of these, eight percent of the population was a victim of one of the 10 consumer fraud types specified in the survey. Advance fee fraud (ACFT) was the most frequently reported fraud type, with a victimisation rate at two percent. However, the definition of ACFT used in the FTC survey was 'paying for a loan or credit card that doesn't arrive', which differs from the definition commonly used in Australia. Australian definitions tend to involve the '419' scams that request assistance in the transferring of money out of a country.
In the United Kingdom, interviews with 46,286 adults conducted for the British crime survey 2008–09 found that 6.4 percent of card users were aware that they had been a victim of card fraud in the previous year. This represents an increase over the 4.7 per cent reporting card fraud victimisation in 2007-08 (Walker et al. 2009). The UK Cards Association (2009) also reported that there were 2.8 million fraudulent transactions on UK-issued cards in 2008, an increase of four per cent from 2007 (2.7 million).
In Australia, the Australian Institute of Criminology (AIC) conducted an online survey from January to March 2008 as part of the Australasian Consumer Fraud Taskforce (ACFT) annual awareness campaign (see Smith & Akman 2008).
The sample comprised 919 self-selected anonymous respondents. When discussing the results of this survey, it is important to be aware of the possibility of self-selection bias among the sample (see Smith & Akman 2008). This bias limits the amount to which the findings can be generalised. The survey contained questions about four specific types of scam invitations: lottery, money transfer (advance fee fraud), personal information (phishing) and offers of financial advice as well as an 'other' category.
- Lottery scams involve the offer of a prize, usually from an overseas lottery, that a person has not entered.
- Money transfer scams or ACFT involve a request to transfer money into a person's bank account. This involves a story, which can vary significantly, but the common theme is the need for an upfront payment in exchange for the promise of a significantly larger repayment in the future.
- Phishing scams involve a fraudulent request for details. Perpetrators will usually impersonate a reputable business such as a bank and request confirmation of personal details such as bank account numbers or passwords.
- Financial advice scams involve payment for 'get rich quick' schemes that offer ways to make money or claim to include investment secrets.
The 'other' category included any scam that did not fit the exact definitions of the types above. This category included 'work from home' scams which involve fake job offers and 'inheritance scams,' which involve an offer to claim an inheritance from a deceased estate, as well as 'dating and romance scams' involving fake profiles on matchmaking websites.
The results showed that 90 percent of respondents had received an invitation to a scam in the previous 12 months. Email was the most common method of delivery, with 80 percent of respondents receiving a scam invitation in this way. Mail was the second most common method of scam invitation delivery; although this was substantially lower at just below 25 percent of respondents (AIC Consumer Fraud Survey [data file] 2008).
In addition, 18 percent of the sample had responded positively to an unsolicited invitation in the 12 months prior to the survey. Responding positively was defined as corresponding in some way with the person(s) to further communication. This could involve anything from a reply email requesting further information to sending money to the person(s) (AIC Consumer Fraud Survey [data file] 2008).
The 'other' category elicited the most positive responses in the 2008 survey (10 percent of the sample). Lottery scams were the second most successful in eliciting positive responses and attracted 5.8 percent of the sample, followed by money transfers at 4.8 percent, then phishing and financial advice, both at 3.7 percent. It appeared that while people received fewer invitations for scams in the 'other' category, these were more likely to be successful when they were received. This could support the argument that fraud attempts are more likely to be successful if the victim has not previously heard of the typology, as the 'other' category is more likely to contain new and emerging fraud categories (AIC Consumer Fraud Survey [data file] 2008).
The percentage of respondents receiving and becoming victimised by scams are shown in Table 1.
|Scam type||Invitation received||Victim of scam type 2008|
|a: People could receive and respond to more than one type of scam|
|Source: AIC consumer fraud survey [data file] 2008|
Research into consumer fraud is often specific to a location or a victim group, rather than the general population. To address this lack of generalisable data, the Australian Bureau of Statistics (ABS) undertook a study on personal fraud in 2007 after a recommendation from the ACFT. It is currently the largest survey of personal fraud undertaken in Australia. The results were recently released as the 2007 Personal Fraud Survey (ABS 2008). The survey measured respondents' experiences of personal fraud, which included both identity fraud and consumer scams. Under these umbrella terms, there were a number of categories for each type of fraud, including various scam types and bank and credit card fraud.
The 2007 Personal Fraud Survey (ABS 2008) was conducted as part of the regular survey of households undertaken by the ABS and involved over 14,000 participants in Australia aged 15 years and over. The inclusion of the survey within the household survey allowed the results to then be generalised to the Australian population, giving estimates of fraud victimisation across all risk categories, rather than just for specific groups of people. The survey participants were asked about all fraud incidents they had experienced in the previous 12 months and detailed responses were sought about the most recent incident.
A person was considered a victim when they responded positively to a scam invitation, from requesting additional information, up to and including supplying personal information or money. This definition was the same as that used in the AIC survey.
The ABS estimated that a total of 806,000 Australians aged 15 years and over were victims of personal fraud in the previous 12 months. This equated to approximately five percent of the population. Of this five percent, identity fraud accounted for 499,500 victims in Australia or three percent of the population. The majority of identity fraud victims experienced credit or bank card fraud (2.4% of population) and identity theft (0.8% of population). Over 450,000 of the surveyed victims lost money as a result of the fraud.
It was estimated that over 5.8 million people were exposed to a scam in the previous 12 months, which equates to 35.8 percent of the population. The most prevalent scams were lotteries (n=2,437,400 people), phishing and related scams (n=2,374,700 people) and chain letters (n=2,054,000 people).
Of those who received a scam invitation, 5.7 percent responded positively which equated to two percent of the Australian population. Lotteries were the most successful scam with 0.5% of respondents becoming a victim. This was followed by pyramid schemes (0.4%) and phishing and related scams (0.4%). A further breakdown of personal fraud victimisation is shown in Table 2.
|Fraud type||Victimisation rate|
|a: Figure has a relative standard error of 25–50 percent and should be used with caution|
|Source: ABS 2008|
|Credit or bank card fraud||2.4|
|Phishing and related scams||0.4|
|Advance fee fraud||0.1a|
Overall, the AIC found higher rates of victimisation in Australia than did the ABS. However, this is somewhat expected given the self-selected nature of the AIC sample. Lottery and prize scams were the most prevalent scam type in both studies.
The variation in the estimates of fraud prevalence from the Australian and overseas research can partly be explained by differences in the samples used and the specific focus of some of the research, for example credit card fraud in the United Kingdom (Walker et al. 2009) or the role of age in consumer fraud victimisation (Van Wyk & Mason 2001). This demonstrates the challenges in comparing research in this area and highlights the need for broader research such as that undertaken by the ABS in the Personal Fraud Survey.
Despite the limitations in measuring fraud, it is nevertheless possible to make estimates about the prevalence of fraud. It should be noted, however, that these estimates relate to fraud in general, rather than consumer fraud specifically.
The cost of fraud in the United Kingdom was conservatively estimated to be at least £12.98b in 2005, while fraud committed against private individuals was estimated at £2.75b (Levi et al 2007). Also in the United Kingdom, the total loss from plastic card fraud on UK-issued cards in 2008 reported by the UK Cards Association (2009) was £609.9 million, an increase of 14 percent from 2007 (£535.2 million). Despite the size of this figure, this represents only one type of consumer fraud and the total sum for all consumer fraud would be significantly higher.
In Australia, fraud is estimated to account for 24 percent of the total financial cost of crime and is considered the most costly in dollar value of all crime types (Rollings 2008). In Australia in 2005, reported fraud was estimated to cost $8.5b (Rollings 2008) and it was estimated that just under 100,000 cases of fraud were reported to the police and recorded. However, it is speculated that only 25 percent of fraud is reported to police or a reporting agency (Rollings 2008), so the actual number could be significantly higher.
The 2007 Personal Fraud Survey (ABS 2008) found that the combined financial loss of personal fraud was almost one billion dollars ($977m) in 2007. The mean financial loss per victim was $2,156 and the median loss was $450. Twenty-six percent of victims of credit or bank card fraud reported losing between $101–500, while a further 25 percent lost less than $100. Only three percent of victims reported losses of over $10,000.
Of the total sample in the AIC Consumer Fraud Awareness Survey, fewer than seven percent of respondents lost money to a scam in the previous 12 months. Considering only those who responded positively to scams, almost 37 percent lost money. The amounts lost by respondents ranged from $6 to $310,000, with the total amount lost being $839,365. The average loss per respondent was $13,760, while the median loss was $1,500. These figures do not include two cases which were extreme outliers and were removed prior to analysis of the data.
Even if approximations underestimate the actual cost of fraud, they demonstrate the seriousness of the problem of consumer fraud both in Australia and globally.
Previous research by Titus, Heinzelmann and Boyle (1995) found a relationship between age and victimisation, however, the relationship was in the opposite direction to what was expected. While it was thought older people would be more at risk, it was found that younger people were actually more likely to be victimised. This is supported by Van Wyk and Mason (2001) who found that risk of victimisation actually decreased with age. Van Wyk and Mason (2008) also found that victims of consumer fraud were more likely to take financial risks and to socialise with people than non-victims were. This may partly explain why young people are more vulnerable to consumer fraud, however, age remained the strongest indicator of victimisation.
The FTC (2004) also found that older persons were less likely to be victims of fraud than younger persons. Eleven percent of participants in the 25 to 44 years age group were victims of fraud, compared with only five or six percent of those in the 55 years and over age group. However, unlike the findings of Van Wyk and Mason (2008), when the FTC controlled for other factors, age did not appear to be a strong indicator of victimisation.
The Personal Fraud Survey (ABS 2008) victimisation rates for personal fraud based on age are shown in Table 3. Persons aged 35–44 years had the highest victimisation rate at 4.3 percent for identity fraud and 2.6 percent for scams. Interestingly, persons aged 55 years and over had the lowest victimisation rate. This finding supports the previous results from Muscat, James and Graycar (2002) who found persons over 65 years were at a lower risk of experiencing consumer fraud than younger people. Muscat, James and Graycar (2002) note that despite lower victimisation rates among elderly people, consumer fraud is still the most common personal crime affecting older Australians and it therefore remains an issue of concern.
|Age group (years)||Victim of ID fraud||Victim of scam|
|Source: ABS 2008|
This finding coincides with that of the AIC online survey which found that age was not a significant factor in victimisation generally, but, when looking at individual scam types and the propensity to respond positively to scam invitations, age becomes significant.
The AIC found the 25–34, 35–44 and 55–64 year old age groups held the largest percentage of fraud victims (23.2%, 21.4% and 22% respectively; Consumer Fraud Survey [data file] 2008). These figures are shown in Table 4. A more detailed data analysis identified a statistically significant relationship between age and the propensity of an individual to respond positively to a scam (χ2=17.0; p< 0.01). While there were no statistically significant differences between actual and expected incidences of responding positively to a scam for the younger age groups (17 years and below, 18–24 years, 25–34 years, 35–44 years), there were statistically significant differences for the older age groups. Those aged 45–54 years were less likely to respond positively to a scam invitation, while those in the 55–64 and 65 years plus age categories were more likely to respond positively to a scam invitation than expected. Generally, older age groups were more likely than expected to respond positively to the various forms of scams. For lottery scams, statistically significant differences were found for those aged 55–64 and 65 years and over, indicating higher positive response rates. For money transfers, personal details (phishing) and financial advice scams, it was the 55–64 years age group which was more likely to positively respond to scam invitations than expected (AIC Consumer Fraud Survey [data file] 2008).
Part of the reason for differences in victimisation rates for different age categories may be due to exposure to risk through use of the internet. The Roy Morgan survey of 25,000 Australians in 2008, for example, found that 92 percent of respondents aged 14-17 years were heavy or medium internet users, while only 40 percent of those aged 65 or over were heavy or medium users. Similarly, those in higher income brackets reported increased internet usage (ACMA 2009).
|Age characteristics (years)||Victimisation|
|Source: AIC consumer fraud survey [data file] 2008|
|17 or below||1.8|
The Personal Fraud Survey (ABS 2008) found differences in the rates of consumer fraud victimisation between states and territories. The rate for identity fraud by state or territory ranged between 2.2 percent and 3.5 percent. Western Australia had the highest rate of victimisation (3.5%), followed by Victoria (3.4%). South Australia recorded the lowest rate (2.2%). The victimisation rate for the remaining states and territories ranged from 1.7 percent in New South Wales to 3.1 percent in the Northern Territory.
Reporting consumer fraud
Reporting rates for consumer fraud vary considerably and can be affected by multiple factors. The problems of varying definitions and a lack of awareness of fraud incidents contribute to under-reporting, but it can also be affected by the availability of a reporting agency, motivation of the victim and whether the victim believes it is worth reporting.
Titus, Heinzelmann and Boyle (1995) found that only 15 percent of fraud incidents were reported to a formal agency and of these, 62 percent were reported to law enforcement. Muscat, James and Graycar (2002) found that 35 percent of fraud victims reported to a formal agency, with 13 percent reporting to the police.
The FTC (2004) found that 29.3 percent did not report being victimised and only 8.4 percent reported to an official source (eg a consumer agency or police). Consumers were most likely to report to the seller or manufacturer (53.7%).
The Personal Fraud Survey (ABS 2008) found that victims of credit or bank card fraud were the group most likely to report to a formal agency, with a reporting rate of 76 percent, compared to 57 percent of victims of identity theft. While these two figures vary considerably, they remain higher than the reporting rates for scams, which were consistently lower than those for identity fraud. The 'other' scam category was estimated to have a reporting rate of 40.6 percent, while the rate for reporting lottery scams was lower at just 26.6 percent.
The AIC online survey found just over 36 percent of the total sample reported at least one unsolicited scam invitation in some manner. However, of those who had responded positively to a scam, just over 66 percent reported their experience in some way. This leaves approximately one third of victims who are not reporting in any way.
The two agencies that AIC survey respondents indicated they were most likely to report to were a consumer affairs agency (18%) or the business involved (16%). The rate for reporting to the police was lower, at just seven percent (AIC Consumer Fraud Survey [data file] 2008).
The evolution of fraud perpetration techniques means that consumer fraud is an ongoing problem. When advances are made towards reducing an existing type of fraud, another scam quickly appears in a new format.
Previous research into consumer fraud reveals divergent findings. Rates of victimisation differ according to the definition of fraud used. In the United Kingdom, only one percent of those people who owned a credit or debit card were a victim of card fraud, however the AIC found that 18 percent of this same population had responded to a scam. The difference in findings is likely to be due, in part, to the different methodologies used, the aims of the research conducted and because generally, research tends to focus on specific groups rather than the general population which may inflate victim numbers if the surveyed group is a more vulnerable target for scams. There are few studies that have used a broad population sample. However, replicating the ABS Personal Fraud Survey allows trend data to be gathered which can then measure any changes in victimisation over time.
Past research shows that reporting rates vary considerably for different fraud types and while rates are relatively high for incidents involving known bank or card fraud, rates for reporting consumer scams are comparatively low. It is important to increase the rate of reporting among both victims and those exposed to fraud through unsuccessful invitations, as this will assist in developing strategies to prevent victimisation and maintain up-to-date knowledge of fraud threats and typologies.
The pervasive way in which people are targeted for consumer fraud means that combating the problem will require collaboration from multiple industry sectors. The ACFT annual awareness campaign aims to raise awareness about consumer fraud, enhance enforcement activity and generate greater interest in future research on the issue. As awareness of fraud risks increase, rates of victimisation are likely to decrease. There may also be a need to improve avenues for reporting such as through the creation of a single, coordinated portal for scam reporting.
- All URLs correct as at 6 August 2009.
- Australian Bureau of Statistics (ABS) 2008. Personal fraud 2007. cat. no. 4528.0. Canberra: ABS
- Australian Communications and Media Authority (ACMA) 2009. Australia in the digital economy: Online participation. Canberra: ACMA.
- Australian Competition and Consumer Commission (ACCC) 2008. The little black book of scams. Canberra: ACCC
- APACS 2008. Fraud: the facts 2008. London: APACS.
- Choo K-KR, Smith RG & McCusker R 2007. The future of technology-enabled crime in Australia. Trends & issues in crime and criminal justice no. 341 Canberra: Australian Institute of Criminology.
- Federal Trade Commission (FTC) 2004. Consumer fraud in the United States: an FTC survey. Washington: Federal Trade Commission
- Grabosky PN, Smith RG & Dempsey G 2001. Electronic theft: unlawful acquisition in cyberspace. Cambridge: Cambridge University Press
- Levi M et al 2007. The nature, extent and economic impact of fraud in the UK. London: Association of Chief Police Officers
- Mayhew P 2003. Counting the costs of crime in Australia. Trends & issues in crime and criminal justice no. 247. Canberra: Australian Institute of Criminology.
- Muscat G, James M & Graycar A 2002. Older people and consumer fraud. Trends & issues in crime and criminal justice no. 220. Canberra: Australian Institute of Criminology.
- Rollings K 2008. Counting the costs of crime in Australia: a 2005 update. Research and public policy series no. 91. Canberra: Australian Institute of Criminology.
- Smith RG 2008. Online personal fraud: quantifying the extent of semantic and syntactic attacks in Australia. Paper presented at the Twenty-Sixth International Symposium on Economic Crime. 3 September: Cambridge, UK.
- Smith R & Akman T 2008. Raising public awareness of consumer fraud in Australia. Trends & issues in crime and criminal justice no. 349 Canberra: Australian Institute of Criminology.
- The UK Cards Association 2009. Fraud: the facts. London: The UK Cards Association.
- Titus RM, Heinzelmann F & Boyle JM 1995. Victimisations of persons by fraud. Crime and delinquency 41(1): 54–72
- Van Wyk J & Mason KA 2001. Investigating vulnerability and reporting behaviour for consumer fraud victimisation: opportunity as a social aspect of age. Journal of contemporary criminal justice 17: 328–345
- Walker A, Flatley J, Kershaw C & Moon D (eds) 2009. Crime in England and Wales 2008-09. London: Home Office.
Dr Russell G Smith is Principal Criminologist at the Australian Institute of Criminology.
Carolyn Budd was formerly a research assistant at the Australian Institute of Criminology.