Tackling scams and ransomware: auDA’s role in mitigating DNS abuse

As the digital world continues to expand, Australians face rising risks from cybercrimes like scams and ransomware. Within the .au Domain Name System (DNS), part of Australia’s critical communications infrastructure, DNS abuse (phishing, malware, botnets, pharming and associated spam) remains exceptionally low due to auDA’s proactive approach.

In this blog, we’ll explore the impact of DNS abuse, scams and ransomware, the steps Australia is taking to tackle these issues, and how auDA plays a vital role in safeguarding Australia’s DNS.

The DNS is an essential component of the internet, enabling the translation of long-strings of numbers known as Internet Protocol (IP) addresses, which identify where a website or email address is hosted online, into user-friendly domain names, which make it easier for internet users to find what they are looking for online. However, like any online system, the DNS can be exploited by cybercriminals through DNS abuse, which undermines the security and trust of the internet and should be guarded against.

DNS abuse is a global challenge and auDA actively works to minimise threats in the .au. It is pleased to report as a result that the rate of abuse within the .au domain remains low - 0.0002 per cent of total .au domain names (as at December 2024) making .au one of the most secure top-level domains (TLDs) globally.

As highlighted in auDA’s Digital Lives of Australians 2025 report, 67 per cent of consumers are now avoiding at least one online activity due to cyber security concerns, including scams. To better protect Australians online, the Australian Government is also ramping up efforts to combat online scams and cyber threats with new policies aimed at strengthening protections for businesses and consumers.

The government has introduced the Scams Prevention Framework Act 2025, an economy-wide reform targeting scams which imposes enforceable obligations on businesses in key sectors, including banking, telecommunications, and digital platforms. In addition, the government introduced mandatory ransomware payment reporting under the Cyber Security Act 2024 and the Cyber Security (Ransomware Payment Reporting Rules) 2025. This applies to organisations with over $3 million in turnover or critical infrastructure responsibilities under the Security of Critical Infrastructure Act 2018. Impacted organisations must report payments within 72 hours of making or becoming aware of them. If not reported within 72 hours, fines of up to $19,800 may apply. These rules took effect on 30 May 2025.

The ransomware measures are intended to enhance national threat visibility and response coordination, without penalising victims. Concurrently, Australia is advancing its regulatory framework to enhance online safety and combat digital scams. The Statutory Review of the Online Safety Act 2021 proposes expanding obligations for digital platforms and infrastructure providers by establishing and enforcing a digital duty of care framework.

These initiatives reflect a comprehensive approach to strengthen consumer protections and assign greater responsibility to entities in mitigating online harms. auDA remains committed to engaging with policymakers to ensure that Australia's internet infrastructure is secure, resilient, and continues to support an open, free, and secure internet.

Given the essential role of the .au DNS in our daily lives, auDA takes maintaining its security seriously. Our recently released A secure .au report sets out the ways auDA works to keep .au one of the most secure domains in the world, including:

• Analysis of over 25 daily threat feeds to detect and mitigate DNS abuse associated with .au domain names.
  • In 2024, we reviewed over 980 suspected cases of DNS abuse in .au. 48 per cent of reviews resulted in the removal of the DNS abuse, 21 per cent of domain names reviewed were placed into a 30-day suspension and 18 per cent found no DNS abuse present.
• Maintaining robust .au Licencing Rules that govern who can register a .au domain name
  • In 2024 we conducted more than 18,500 audits on .au domain names to ensure their compliance with the rules to prevent their misuse and maintain the integrity of .au
• Adhering to the Australian Signals Directorate’s Essential Eight and maintaining ISO 27001 (information security management) and ISO 22301 (business continuity) certifications.
• Working closely with auDA accredited registrars, all of whom are required to meet ISO 27001 standards
• Providing regular education to the small business community, start-up hubs and universities across Australia, on how to improve online security practice and reduce instances of DNS abuse

As set out in auDA’s 2026-30 Strategy, auDA is committed to continue strengthening Australians’ trust in the .au and auDA, and grow Australians’ engagement in the digital economy and society. Among other aims, we will do this by raising the trust and integrity of .au domain names and through the successful implementation of the Australian Government’s Information Security Manual (ISM) controls.

Through our work, and the efforts of government, industry and the community, we can reduce the impact of cybercrime and ensure an open, free, secure and globally operable internet for all.

You can read auDA’s A Secure .au report to learn about the ways auDA works to keep .au secure and trusted for the benefit of all Australians and our blog on keeping your .au secure to learn about simple steps you can take to help improve your online security.