.svg)
Overseas card-not-present (CNP) fraud now accounts for the largest share of the country’s card fraud losses, according to new figures from the Australian Payments Network (AusPayNet).
The industry body’s shows that overall fraud on Australian-issued cards jumped 20 percent in 2024 to A$913m ($595m), despite total card spending rising by just 7 percent to A$1.16trn.
The overall card fraud rate climbed 12 percent year-on-year, from 70.2 cents to 78.8 cents per A$1,000 spent, according to the data.
CNP fraud, which covers transactions where the card is not physically presented, such as online purchases, is the dominant threat, according to the payment operator, which found that CNP tactics accounted for 90 percent of all card fraud last year.
For the second consecutive year, overseas CNP fraud outpaced its domestic equivalent, growing 25 percent to A$454m and occurring at a rate of A$12.08 for every A$1,000 spent overseas.
This growth was well above the 15 percent increase in overseas card spending over the same period.
"It is encouraging to see indicators of the continued positive impact of the CNP Fraud Mitigation Framework on the payments industry’s efforts to combat CNP fraud, evident in the subdued growth in losses from domestic CNP fraud,” said AusPayNet chief Andy White.
“But while this is good news, there is no room for complacency. Growth in CNP fraud has shifted to offshore transactions, which presents a more complex challenge that requires a global response.”
A point of vulnerability
Domestic CNP fraud rose 11 percent to A$362m, but domestic spending on Australian-issued cards jumped 21 percent.
The domestic CNP fraud rate fell to a record low of A$0.97 per A$1,000 spent, reflecting the impact of the introduced in 2019 and other industry security measures.
Although just 3 percent of total card spending in 2024 involved Australian cards used overseas, overseas CNP fraud accounted for half of all card fraud losses and occurred at a rate more than 12 times higher than the domestic CNP fraud rate.
AusPayNet said overseas CNP transactions operate outside Australia’s regulatory framework, making them more vulnerable to scams and cybercrime.
Many offshore merchants are not required to use strong customer authentication (SCA) protocols, creating security gaps exploited by fraudsters, some linked to scam compounds in Southeast Asia that use stolen card details to fund wider criminal operations.
“SCA enhances payment security by allowing consumers to confirm if they are authorising a transaction. Criminals continue to employ a range of tactics to steal card credentials and exploit vulnerabilities that are created when merchants do not deploy SCA,” said White.
Other fraud trends
Other categories of card fraud showed mixed trends. Lost and stolen card fraud rose 31 percent to $68m, whereas counterfeit/skimming losses fell 20 percent to $6.2m after law enforcement disrupted foreign crime syndicates targeting Australian ATMs.
Fraud involving cards never received increased 41 percent to $2.4m, and fraudulent applications were up 56 percent to $1.4m, the data shows.
“Our focus continues to be on making Australia a much harder target for economic crime, including fraud and scams. We aim to maximise protections for consumers against the threat of overseas CNP fraud,” said White.
“As this work continues, we also urge consumers to take steps to support their own online security. Specifically, it is important to exercise caution when responding to emails, text messages or online advertising links to online shopping sites, particularly overseas sites.”
A problem that is hard to manage
Without the regulatory tools in place to ensure adherence to national standards, overseas CNP fraud is difficult to control. This is because Australian regulators have no authority over foreign merchants and acquirers, meaning many operate without protections such as SCA.
This leaves Australian-issued cards more vulnerable when used abroad or on overseas websites.
Cross-border investigations are also hampered by complex legal processes, the need for mutual assistance treaties and the challenges of coordinating enforcement across jurisdictions.
UK politicians have flagged similar issues. As covered by 91ԭ, Sureena Brackenridge, the Labour MP for Wolverhampton North East, addressed the increasingly international nature of fraud in a parliamentary debate.
She noted that many fraudsters operate from abroad, often in organised rings based in countries such as India, the Philippines, South Africa, Brazil and parts of Eastern Europe.
“Our country, unfortunately, is a prime target for such activity. We do much of our shopping and banking online, and the widespread use of the English language makes it easier for fraudsters abroad to deceive and manipulate their victims here,” she explained.
In a call for a more global approach, Brackenridge suggested incorporating fraud prevention into future trade negotiations with countries where such criminal activity is prevalent.
"Let us make fraud prevention part of the agreements, giving the countries a real incentive to work with us to tackle the issue," she urged, stressing the need for "strong, global, coordinated action" to protect UK citizens from international fraudsters.
The delays highlighted by the data and interventions in both the UK and Australia give organised crime groups more room to manoeuvre.
Overseas CNP scams are often run by sophisticated criminal networks, including Southeast Asian “scam compounds” and SIM-box phishing operations, which supply stolen card details to other fraud syndicates.
Fraudsters act quickly, often making purchases within seconds of obtaining card data, before issuers can block transactions or detect suspicious activity.
Even when SCA is in place, criminals can bypass it by manipulating cardholders into revealing one-time passcodes through phishing, phone scams and other forms of social engineering.
Until international coordination improves, even stricter fraud frameworks such as Australia’s will continue to suffer from weak points created by issues beyond the control of the local authorities.
