Fighting Cyber-Enabled Fraud 2025

BOX 5 National models for cyber defence

A number of governments have implemented notable approaches to counter phishing and cyber-enabled fraud, illustrating different pathways for capacity-building, regulation and citizen engagement. While the models below have been established chiefly to deal with cybersecurity – with fraud and scams only sometimes featuring as an element of the model – some governments have gone further by establishing a dedicated coordinating body set up to focus efforts and expertise on fraud and scams.

Australia implements a whole-of-nation strategy emphasizing shared responsibility, which has been embodied by the creation of a multidisciplinary National Anti-Scam Centre bringing together competences from across the various government agencies dealing with fraud and scams. Its Scams Prevention Framework, which is due to come into force in 2026, imposes enforceable requirements on telecom, financial and platform providers, with penalties for non-compliance.

Canada’s Centre for Cyber Security (CSE) and the Canadian Internet Registration Authority partnered to launch Canadian Shield in April 2020: a free DNS-firewall service that blocks access to malicious domains flagged for phishing, malware or scam activities. By routing users through trusted DNS resolvers, it prevents fraud efforts before they reach the end device. Over the past 12 months, Canadian Shield was used by 2.81 million users, who benefited from around 800 million DNS blocks, resulting in a reduction of visits to malware, phishing and botnet sites.

India’s CERT-In, through an AI and situational awareness system, analysed more than 9,800 billion DNS queries in the course of 2024, detecting 2.2 billion queries linked to malicious domains, of which 128 million were phishing-related. A total of 3,044 phishing sites were mitigated, affecting nearly 695,000 users. CERT-In also regularly shares DNS-based threat intelligence with global partners to strengthen international cooperation and secure the digital ecosystem.

Singapore adopts a whole-of-nation strategy to counter malicious online activity. The Singapore Police Force (SPF) collaborates with other government agencies, such as the Cyber Security Agency of Singapore (CSA) and the Infocomm Media Development Authority (IMDA), and the private sector to disrupt scam enablers (such as fraudulent communication and marketing channels). International collaboration is also a key pillar in enabling the SPF to take down transnational scam syndicates. These efforts are underpinned by public education campaigns aimed at cultivating digital scepticism to develop a more scam-savvy populace.

Switzerland strengthens domain-level defences through proactive disruption. The 2015 Ordinance on Internet Domains (OID) empowers the national domain registry and cybercrime-recognized organizations to act swiftly against online abuse. When domains under “.ch” or “.swiss” are suspected of hosting phishing, malware distribution or botnet activity, they can be blocked or sinkholed for up to 30 days, disrupting malicious infrastructure and reducing potential harm.

The United Kingdom has developed the Online Safety Act, which requires social media platforms and search engines to protect their users from fraudulent content and, for larger organizations, from fraudulent advertising. This is part of a broader national effort supported by strong public–private partnerships through an Online Fraud Charter signed by some of the biggest global tech companies and a recently updated Telecommunications Charter. Underpinning this national response, the Fraud Strategy establishes a coordinated framework built on new legislation, improved enforcement mechanisms, increased industry cooperation and public–private data-sharing to proactively identify and prevent fraud.
A call to accelerate user protections by default

Embedding protective tools as defaults creates a more resilient ecosystem, ensuring that security reaches citizens directly and equitably. Targeted interventions can substantially reduce phishing success by hardening the interfaces where users make trust decisions: web browsers, messaging apps, voice calls and authentication methods. Each addresses a distinct attack vector while reinforcing broader protective infrastructure.

Action 4 – Bring transparency to website trust and block known threats by default: Users struggle to distinguish legitimate websites from fraudulent sites because a browser’s lock icon signals an encrypted connection but not who is at the other end of it. Belgium’s Safeonweb browser extension demonstrates a user-facing solution: colour-coded trust signals based on the website owner’s level of verification and threat intelligence (see Box 6). Extended validation certificates attempted similar goals but failed after browsers removed prominent indicators around 2019.[57] Given skyrocketing phishing and fraud levels, users need clear trust signals more than ever. A modernized approach requires standardized, prominent browser indicators distinguishing verified organizations from anonymous sites, leveraging governmental digital identity frameworks such as eIDAS where available alongside industry-led alternatives. Complementing browser-level signals,

Fighting Cyber-Enabled Fraud: A Systemic Defence Approach