Bendigo residents lodged more than 340 cybercrime reports with the Australian Cyber Security Centre in the 12 months to June 2026, a figure that local digital safety advocates say almost certainly understates the real toll. Phishing texts, fake toll-road invoices and AI-generated voice scams impersonating bank staff have become a weekly occurrence for many households across the city, and the methods are getting harder to spot.
The shift matters now because the tools available to bad actors have become dramatically cheaper and faster to deploy. Generative AI has collapsed the cost of producing convincing fake emails, deepfake audio and personalised scam messages to near zero. What once required a sophisticated criminal operation can now be attempted by a lone operator working from a laptop. For a city of Bendigo's size, population nudging 130,000, that democratisation of cybercrime is arriving faster than community awareness can keep up.
Local Institutions on the Front Line
Bendigo Bank, headquartered on Pall Mall, has quietly expanded its fraud-detection infrastructure three times since 2024. The bank's retail division now flags transactions using behavioural biometrics, analysing how a customer typically swipes and types, rather than relying solely on passwords or PINs. It's a meaningful change for customers who once thought a strong password was enough protection.
La Trobe University's Bendigo campus, on Edwards Road, launched its Digital Safety Literacy program in February 2026. The six-week course, offered free to community members through the university's community engagement office, covers password hygiene, two-factor authentication, recognising AI-generated phishing attempts and safely navigating public Wi-Fi networks like those in the Hargreaves Mall precinct. Enrolments hit 280 in the first cohort, a number the organisers say surprised them.
The Bendigo Tech Hub, operating out of a co-working space on King Street, has seen a 60 percent increase in small-business owners seeking cybersecurity advice since January. Sole traders, café owners and allied health practitioners make up the bulk of those coming through the door. Many have been stung by invoice redirection fraud, where a criminal intercepts email correspondence between a business and a supplier, swaps out bank account details, and pockets the payment before anyone notices.
What the Numbers Actually Show
Nationally, Australians lost $2.74 billion to scams in 2025, according to the Australian Competition and Consumer Commission's annual Scamwatch report released in March 2026. Investment scams accounted for the largest slice, but cybercrime targeting everyday banking and identity credentials grew 22 percent year-on-year. The average loss per victim across regional Victoria was $8,400, well above the national median.
Two-factor authentication, still not universally adopted, remains the single most effective barrier against account takeovers. The ACSC estimates that enabling it on email and banking accounts blocks roughly 99 percent of automated credential-stuffing attacks. Yet surveys conducted by Victoria Police's Cybercrime Division in early 2026 found that only 54 percent of regional Victorian residents used it consistently across their key accounts.
Browser choice has also become a privacy decision in ways most people haven't registered. The growing competition in the browser market, with alternatives to Chrome and Safari gaining ground through 2025 and 2026, has coincided with new questions about which companies hold your browsing history and what they do with it. For Bendigo residents using public networks at the Bendigo Library on Hargreaves Street or the cafe strip along View Street, a privacy-focused browser combined with a reputable VPN now represents the baseline, not an enthusiast's preference.
The practical advice is unglamorous but concrete. Enable two-factor authentication on every account that offers it, starting with email and banking. Use a password manager, 1Password and Bitwarden both offer free tiers. Be deeply suspicious of any phone call asking you to confirm a one-time code. Check the La Trobe Digital Safety Literacy program's next intake, scheduled for August 2026, through the university's community office. And if something feels wrong about a financial transaction, call the institution directly using the number on their official website, not the one in the message that just arrived.