Over 40 per cent of Australian cybercrime victims in 2024 were victims of multiple forms of cybercrime, according to a new government report.

The Cybercrime in Australia 2024 report, which was published on Monday by the Australian Institute of Criminology (AIC), found that 42.1 per cent of all cybercrime victims fell victim to multiple cybercrime types in a single year.

The report looked at four key types of cybercrime: online abuse and harassment, malware, identity crime and misuse, fraud and scams.

It found that 47.4 per cent of Australians reported falling victim to any cybercrime in 2024.

While online abuse and harassment were the most common types of cybercrime, affecting 26.8 per cent of the 10,335 Australians who participated in the AIC survey, followed by identity crime and misuse.

Among all victims, 6.6 per cent were victimized across all four cybercrime types.

The Australian Federal Police (AFP) Cyber Commander Graeme Marshall said the report shows that cybercrime prevention needs to be an everyday habit for Australians rather than a one-off effort.

“Cybercriminals don’t just move on after one attack. If they find a vulnerability, whether that’s a weak password, outdated software or a compromised email, they’ll come back again and again often in different ways,” he said in a statement.

According to the report fraud and scams was the least common type of cybercrime, affecting 9.5 per cent of survey participants in 2024, but the victims were the most vulnerable to other types of cybercrime.

The report said Victims of three or more types of cybercrime were at least three times more likely to experience health, financial and legal impacts than victims of one type.