National Australia Bank (NAB) executive for group investigations Chris Sheehan warns that Australia's major banks are under relentless cyber-attacks, placing the entire community at risk.
"Every bank. Every bank is being attacked all the time," said Sheehan, highlighting the continuous bombardment faced by Australia's 'Big Four' banks, which range from amateur hackers to sophisticated transnational crime groups and even nation-state actors
"If it's not us being attacked, then our customers are being attacked in an effort to steal their information and their money,” he added.
“There's no typical demographic. The entire community is at risk.
"We're engaged in asymmetrical warfare on a day-by-day basis.”
Australians are losing approximately A$3 billion annually to cyber criminals, according to cyber security expert Troy Hunt.
While Hunt is hesitant to label the attacks as "warfare", he acknowledged the widespread and misunderstood nature of these cyber threats.
“I imagine most people are not aware of how prevalent the online attacks are, probably in part because they don't have a sense of the fact these attacks do originate from all over the world, all sorts of different demographics are mounting them," he said.
Hunt also pointed out the perceived lower risk and higher rewards associated with cybercrime compared to traditional bank robberies. "It's not about grabbing cash out of a till, it's about potentially grabbing hundreds of thousands of dollars or millions of dollars in one go," he explained.
Cyber defences ramped up
In response, banks like NAB have ramped up their cyber defences. Sheehan detailed NAB's extensive efforts, including a dedicated fraud and scams team of nearly 400 people available around the clock. Additionally, NAB has ceased sending text messages with links to customers, aiming to reduce phishing scams.
Despite these measures, Sheehan acknowledged the challenges in recovering funds once a scam payment is sent.
He urged customers to be cautious of offers that seem too good to be true or involve undue pressure to make payments.
"If the story you're being given contains either of those elements, don't hit send on a payment, run a mile," he advised.