When scam losses run into the billions, blaming victims is no longer good enough — scam prevention must become a serious consumer protection obligation for banks, telcos and digital platforms, writes Amit Khan.
AUSTRALIANS ARE STILL TOLD THAT the best defence against scams is to be more careful. Don’t click suspicious links. Don’t trust urgent messages. Double-check bank details. That advice is not wrong. It is just no longer enough.
When annual scam losses exceed AUD$2 billion, the issue is not simply a story about individual carelessness. It is a story about a digital economy in which ordinary people are expected to defend themselves against increasingly sophisticated fraud, while the systems around them remain patchy, reactive, and too ready to shift the blame back onto the victim.
The ACCC's National Anti-Scam Centre says annual scam losses have topped AUD$2.18 billion, while the Commonwealth’s Scams Prevention Framework is built on the idea that this is now a whole-of-ecosystem problem, not just a matter of personal vigilance.
That should change the national conversation. Too often, scam victims are treated as if they made a foolish mistake and must live with the consequences.
But modern scams are not limited to clumsy emails and obvious spelling mistakes. They are polished, targeted, and often convincing. They impersonate banks, government agencies, delivery services, investment firms, and even family members. They exploit trust, speed, and confusion. They thrive in digital systems built for convenience rather than safety.
The “be careful online” message has become a convenient shield for institutions. It allows banks, telcos, and digital platforms to present scams as a problem that begins and ends with the consumer. Yet these same systems carry the messages, process the payments, host the advertising, and profit from the transactions that scammers exploit.
That is why scams should now be treated primarily as a consumer protection failure.
Australia already understands this logic in other parts of public life. If a product is unsafe, we do not simply tell buyers to be more alert. If a financial service is misleading, we do not shrug and say the customer should have read the fine print more carefully. We recognise that markets work properly only when institutions have real obligations to protect the people using them.
The same principle should apply here.
The Scams Prevention Framework is a welcome sign that Canberra is moving in that direction. Treasury says it creates new obligations and rules for sectors heavily targeted by scammers, including banks, telecommunications providers, and certain digital platforms. That is an important step, because it accepts a truth that should have been obvious much earlier: scams flourish in gaps between institutions, and those institutions must be part of the solution.
But passing a framework is not the same as fixing the problem.
The real test is whether ordinary Australians feel meaningfully better protected. That will depend on whether institutions face real pressure to prevent, detect, disrupt, and respond to scams quickly. It will depend on whether victims can seek redress without being treated like suspects. And it will depend on whether regulators are willing to hold powerful sectors accountable when they fail.
A serious consumer-protection response should include at least four things.
First, scam victims should not have to clear endless hurdles just to be heard. Dispute resolution must become faster, clearer, and less adversarial.
Second, banks, telcos, and digital platforms should be required to publish meaningful data about scam activity and their own prevention performance. Consumers deserve to know which systems are safer and which are not.
Third, reimbursement pathways need to be stronger and fairer. A victim should not be denied help simply because a scam was sophisticated enough to appear legitimate in the moment.
Fourth, prevention needs to be built into the system itself. If platforms can target ads with remarkable precision, they can do far more to detect scam advertising. If banks can monitor unusual transactions for compliance and risk purposes, they can do more to stop obvious fraud in real time.
The cost of failure is not only financial. Scam victims often lose confidence, peace of mind, and trust in institutions. Some lose savings meant for retirement, housing, or family support. The emotional damage can outlast the money. Yet public discussion still too often falls back on the same stale script: people should have known better.
No. Systems should have done better.
Australia cannot keep treating scams as private misfortunes in a digital marketplace that is increasingly complex, profitable, and interconnected. We should stop lecturing victims and start asking harder questions of the institutions best placed to prevent harm.
If scam losses are now measured in billions, consumer protection must stop sounding like awareness advice and start looking like accountability.
Amit Khan is a technology policy writer focusing on cybersecurity, digital infrastructure, and emerging technology strategy.
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Australia License
Support independent journalism Subscribe to IA.
Related Articles
- Scam victims left unprotected as banks deny liability
- Calls grow for new banking royal commission amid $8 billion scam losses
- Banks, mules and government fools let scammers run free in Australia
- Why new scam laws might actually bite
- Australian victims on their own in 'honey pot' for scammers
