Almost half of all Australians who were online in the last 12 months have reported being a victim of some form of cybercrime, according to an alarming survey from the Australian Institute of Criminology which warns of a cybercrime wave hitting our shores.

Of the more than 13,800 respondents to a survey conducted between February and March, 47 per cent said they had been victimised by cyber crime in the previous year.

The report is the first in a series of investigations into the victimisation of computer users that is digging down into the demographics, harm, and help-seeking behaviour of people who have been targeted by cyber criminals.

“Cybercrime has become a pervasive and persistent threat to individuals, businesses and government,” the Cybercrime in Australia 2023 report says.

“In Australia, as in many other countries, the use of the internet and digital technology has become an integral part of everyday life, including for day-to-day communication, entertainment, and work.

“This reliance on technology, along with the relative wealth of its population, has made Australia an attractive target for opportunistic and motivated cybercriminals.”

The most common form of cybercrime people reported experiencing was online abuse and harassment (27 per cent) followed by malware (22 per cent), identity crime (20 per cent), and fraud or scams (8 per cent).

But the Institute of Criminology notes that cybercrime is, by its nature, “complex and clandestine” – making it difficult to categorise and get a wholly accurate picture of how it affects people. One form of cybercrime often leads to another, like when credential-stealing malware leads to identity theft and fraud.

“A person may not understand what happened to them, simply that they experienced an adverse outcome (such as losing money),” the report says.

“Even if they do know, they may not have enough information about the specifics of their case. It may be difficult to describe the incident.

“A person who has fallen victim – such as by having their identity stolen – may be unaware for some time, especially if they are not sure what to look for.”

Because of these reasons, the report notes that cybercrime tends to get underreported which is a concerning possibility given the “enormous” potential cost for Australians, estimated at $3.5 billion a year.

Unsurprisingly, there has been a marked increase in the awareness of cyber crime in the wake of the high-profile Medibank and Optus data breaches that affected millions of Australians.

A similar survey from mid-2021, the report says, found that only 9 per cent of people had been notified of a data breach in the previous year. But the latest figures see that figure being pushed out to 26 per cent – a nearly threefold increase.

The well-known danger is that being involved in a data breach greatly increases the likelihood you will be affected by identity theft.

Australian Institute of Criminology acting deputy director Anthony Morgan said the survey results suggest a lack of awareness around how to report cybercrime.

“While many people don’t report because they think they could deal with the problem themselves or because it wasn’t serious enough, a large proportion didn’t know where or how to report,” he said.

“We need to make sure people know what help is available and who they can contact when they have fallen victim.”

If you think you have been a victim of cybercrime, head to esafety.gov.au or cyber.gov.au to report your incident or find out more information.