Identity Theft in Australia:
A Growing Threat to High-Net-Worth Individuals
Identity theft is no longer the domain of opportunistic criminals. Sophisticated, targeted attacks against wealthy Australians are on the rise. Understanding the threat is the first step to addressing it.
Beyond Opportunistic Crime
The popular image of identity theft — a criminal rifling through letterboxes or skimming credit cards at a petrol station — is increasingly outdated. While opportunistic identity crime persists, a more sophisticated and more damaging category of attack has emerged: targeted identity theft against high-net-worth individuals.
These attacks are planned, researched, and executed with a level of sophistication that reflects the value of the target. The perpetrators are not petty criminals. They are organised groups — sometimes operating across multiple jurisdictions — with the patience and capability to conduct extended operations against specific individuals.
The Australian Context
Australia presents a particularly attractive environment for identity criminals. The country's relatively small population of high-net-worth individuals is well-documented through public records — property transactions, company directorships, media coverage, and charitable activities all create a rich data landscape that criminals can exploit.
The Australian Cyber Security Centre (ACSC) reported over 76,000 cybercrime reports in the 2022-23 financial year — an increase of 23% from the previous year. Financial losses from identity crime are estimated in the billions annually, with high-net-worth individuals disproportionately represented among the most severely affected.
Several high-profile data breaches in recent years — including Optus, Medibank, and Latitude Financial — have placed the personal information of millions of Australians in criminal hands. For wealthy individuals whose data was included in these breaches, the risk profile has materially changed.
How Targeted Identity Theft Works
A sophisticated identity theft operation against a high-net-worth individual typically follows a recognisable pattern:
Intelligence Gathering
The attacker builds a comprehensive profile using data brokers, public records, social media, and in some cases, purchased breach data. This profile includes personal details, financial information, family connections, and daily patterns.
Credential Acquisition
Using the intelligence gathered, the attacker attempts to compromise email accounts, financial accounts, or identity verification systems. This may involve phishing, SIM swapping, or exploiting weak account recovery processes.
Identity Establishment
With sufficient credentials and personal information, the attacker establishes fraudulent identity documents, opens financial accounts, or redirects existing accounts. In Australia, Medicare, driver's licence, and passport details are particularly valuable.
Financial Exploitation
The established identity is used to access existing financial accounts, open new credit facilities, execute fraudulent transactions, or redirect property and investment proceeds.
Concealment
Sophisticated attackers take steps to delay detection — intercepting correspondence, suppressing fraud alerts, and moving funds quickly through multiple accounts before the victim becomes aware.
The Particular Risks for Property Owners
Property fraud is an increasingly common and devastating form of identity theft in Australia. Criminals who successfully impersonate a property owner can attempt to sell or mortgage the property without the owner's knowledge. While Australian state land registries have introduced some protective measures, the risk is real and the consequences can be catastrophic.
High-net-worth individuals with significant property portfolios should consider placing caveats on titles and monitoring land registry activity as part of their identity protection strategy.
Protective Measures
Place a credit freeze with all major Australian credit reporting agencies (Equifax, Experian, illion) to prevent new credit being opened in your name
Enable identity theft insurance with a reputable provider — ensure the policy covers legal costs and lost income, not just direct financial losses
Monitor your credit report quarterly for unfamiliar accounts or enquiries
Secure all identity documents and limit the number of organisations that hold copies
Implement strong, unique authentication on all financial and government accounts
Monitor dark web sources for your personal information, credentials, and identity documents
Consider a caveat on property titles if you hold significant real estate assets
Protect your identity
Castlebridge provides comprehensive identity protection as part of every engagement — including credit monitoring, dark web surveillance, and immediate response support if your identity is compromised.
Request a Consultation