In recent years, scammers have become increasingly sophisticated in their tactics, particularly when it comes to impersonating government entities like myGov and the Australian Taxation Office (ATO).
These malicious actors are constantly finding new ways to exploit unsuspecting victims, and businesses are not immune to their schemes.
The Australian government is taking steps to crack down on these scams, but it’s important that business owners also play an active role in protecting their company’s sensitive data and financial well-being.
In this blog post, we’ll take a closer look at the alarming rise in myGov and ATO phishing scams, the government’s response, and practical steps you can take to protect your business from falling victim to these insidious schemes.
The Surge in myGov and ATO Phishing Scams
Cybercriminals are becoming increasingly adept at exploiting the trust Australians place in government institutions like myGov and the ATO. In a common tactic, scammers create fake myGov websites that closely mimic the real thing, tricking unsuspecting users into entering their login details. Once obtained, this information is used to perpetrate tax refund fraud and other financial crimes.
These scams often begin with a phishing email or text message purporting to be from myGov or the ATO. The messages usually contain enticing phrases such as:
“You are due to receive an ATO Direct refund.”
“You have a new message in your myGov inbox – click here to view.”
By creating a false sense of urgency and promising financial gain, the scammers lure people into clicking on malicious links that lead to the fake websites.
The scope of this problem is staggering. From July to October 2023, AUSCERT reported over 2,500 tax-related phishing scams, a dramatic increase from the 1,100 reported during the same period in 2022. MyGov has become the most impersonated site in Australia, with authorities taking down more than 4,000 fake sites in the past year alone.
(Photo Credit: Cyber Daily)
Government Crackdown on Scams Yields Promising Results
Recognising the financial and emotional toll these scams take on Australians, the government has made cybersecurity a top priority. The Albanese Government’s anti-scam efforts are already showing promising results, with scam losses dropping by an impressive 43% in the fourth quarter of 2023 compared to the same period in 2022.
The ATO has been at the forefront of this fight, introducing innovative fraud controls like myGovID to strengthen account security. This additional layer of protection makes it more difficult for criminals to gain unauthorised access to sensitive information. Furthermore, the government has allocated $223 million to the Serious Financial Crimes Taskforce, demonstrating its commitment to bringing these scammers to justice.
Encouragingly, Australians are turning to the official myGov app for secure access to government services. By using features like fingerprint or facial recognition, users can log in without the need for easily compromised passwords. Minister for Government Services Bill Shorten has touted the app as a “fast, convenient and secure” way to interact with myGov.
Despite these efforts, the battle against cybercrime is far from over. Last year, Services Australia responded to over 6,000 scams impersonating myGov, highlighting the persistent nature of this threat.
Looking ahead, the government plans to introduce mandatory industry codes that will require businesses to take proactive steps to prevent, detect, and disrupt scams. These codes will help create a more consistent and effective approach to scam prevention across all sectors.
How You Can Protect Your Business Against These Scams
While the government’s efforts are certainly welcome, businesses must also take responsibility for protecting themselves against scams. Here are some practical steps you can take to safeguard your company:
1. Verify the source of unsolicited messages.
If you receive an email or text message claiming to be from the ATO or myGov, take a moment to verify the source before taking any action. Look for red flags like generic greetings, poor grammar, or suspicious URLs.
2. Be wary of suspicious calls.
Scammers may also try to contact you by phone, claiming to be from the ATO and demanding immediate payment or threatening arrest. Remember that the ATO will never threaten you or use abusive language, and they will never demand payment over the phone.
3. Avoid clicking links or downloading attachments from unknown sources.
If you’re unsure about the legitimacy of an email or text message, avoid clicking on any links or downloading any attachments. These could contain malware designed to steal your login credentials or other sensitive information.
4. Protect personal and financial information.
Be cautious about sharing personal or financial details in response to unsolicited messages, and avoid providing sensitive information online unless you’re certain the website is legitimate.
5. Report any suspicious activity.
If you suspect that you’ve been targeted by a scam, report it to the ATO’s scam reporting email address, the ACSC, or IDCARE. This can help prevent others from falling victim to the same scam.
6. Keep software updated and use strong passphrases.
Ensure that all of your company’s devices and software are kept up-to-date with the latest security patches, and encourage employees to use strong, unique passphrases rather than simple passwords. Implementing multi-factor authentication can also help prevent unauthorised access to accounts.
Secure Your Business Against Emerging Cyber Threats
As scammers become more sophisticated in their tactics, businesses must remain vigilant in protecting themselves and their clients from myGov and ATO phishing scams. While the government’s initiatives are making significant progress in combating cybercrime, it’s clear that this threat will persist for the foreseeable future.
If you have concerns about myGov scams, we recommend the managed IT and security services firm SEQ IT. For other business finance and accounting matters, please contact us today for expert advice and support. Our Gold Coast-Based Accounting Firm KeyPoint Accountants stays up-to-date on the latest scam tactics and regulatory changes to ensure our clients remain protected and their businesses continue to grow.