Cyber Security: Hacked, Scammed or Attacked?

By /

Hacked, Scammed, or Attacked?

Where to Report Cyber and Scam incidents

Cyber threats and scams are evolving at an unprecedented rate, targeting businesses, individuals, and critical infrastructure alike. While prevention and cybersecurity strategies are key, knowing where, when and how to report cyber incidents is just as crucial for minimising damage and building a stronger, more resilient security posture.

At Implicit OT, we help businesses secure their Operational Technology (OT) environments, but when an attack happens, prompt reporting ensures that threats are tracked, assessed, and mitigated before they cause widespread disruption.

Below are official Australian resources for reporting cybersecurity incidents and scams.

Reporting Cybersecurity Incidents

The Australian Cyber Security Centre (ACSC) is the national government authority for cybersecurity.

Businesses, critical infrastructure operators, and individuals can report cyber incidents such as:

  • Phishing and email-based attacks
  • Ransomware and malware infections
  • Business email compromise (BEC)
  • Critical infrastructure breaches
  • Other targeted cyber intrusions

Report incidents here:

ACSC – Report a Cyber Incident

For businesses and organisations, the ACSC provides cyber threat intelligence and guidance on incident response, ensuring that security teams can react effectively.

Reporting Scams

Scammers use phishing, social engineering, and financial fraud tactics to exploit individuals and businesses. Scamwatch, run by the Australian Competition and Consumer Commission (ACCC), provides a reporting tool to track and mitigate scams.

Report scams here:

Scamwatch – Report a Scam

Scamwatch helps Australians stay informed about emerging fraud tactics and provides guidance on protecting yourself and your business from financial loss.

Why Reporting Matters

  • Incident Traceability – Every report adds to national intelligence on evolving cyber threats.
  • Threat Intelligence Sharing – Authorities can track trends and attack vectors to prevent large-scale breaches.
  • Compliance and Accountability – For critical infrastructure operators, incident reporting is mandatory under the SOCI Act and aligns with IEC 62443 and NIST frameworks.

Be Proactive: Strengthen Your Cyber Resilience

Cybersecurity isn’t just about prevention—it’s about preparedness and response.

At Implicit OT, we help organisations establish incident response frameworks that align with industry standards and government regulations.

Need help strengthening your OT security posture? Let’s talk.

Reach out to Implicit OT for more information

Related Posts

Scroll to Top