MyGov Scams: How to Safely Avoid Fraud in 2021
As we approach tax time every year, scores of fraudsters zoom into the picture with the sole aim of ripping off hardworking Australians – including now through MyGov scams. It’s already a hectic time for many. Individuals and businesses are all scurrying to get their finances ready for the new financial year. Con artists and tricksters only make the process much more stressful.
In 2020, Aussies lost over $850 million to scams – as the pandemic forced thousands to work from home and spend more time online.
The Australian Competition and Consumer Commission (ACCC), in their 2020 Targeting Scams report, complied data from ReportCyber, Scamwatch, banks, financial intermediaries, nearly have a million reports and other government agencies to come up with that figure.
And in July 2021, it was estimated that over $7 million was lost to scams already in that year.
It’s especially dangerous during tax time, when ATO and MyGov scams are at their high and businesses are looking to maximise their purchases before the end of financial year.
Below, we’ll outline in detail how you can avoid fraud from MyGov scammers (and other cheats) in 2021.
MyGov identity scams – beware
The concept of email ‘phishing’ is almost as old as the internet – where somebody sends you an email either tricking you into giving personal information or uploading malware or viruses into your computer.
In 2020, the ACCC reported that there were over 44,000 reports of phishing – about a 75% increase from the previous year.
MyGov is the latest victim of the phishing frenzy.
Australians have been warned by the Australian Tax Office of ‘fake emails’ claiming to be staff from MyGov – when they’re just … not.
These are just random people passing themselves off as MyGov employees, asking users to hand over their identity and financial information. In January 2021, Scamwatch stated that they received over 80 reports of myGov phishing scam attempts in just one week.
The email will typically say something like MyGov needs to ‘confirm’ or ‘verify’ your identity, and that this is necessary due to rules put in place by the government. You may see something like:
Another example might say:
The email will then provide a link, call it ‘secure’ and tell a user to open it, where they will be invited to type in their personal and/or financial information.
It may take you to a ‘secure form’, and it may even appear legitimate as you’ll see screenshots of the myGovID mobile app.
But when you click the link, you’re simply led to fake MyGov website where you are then permitted to sign in using your MyGov account details – your name, birthdate, address and phone number.
In some cases, you’ll even be asked to supply your card number with the expiration date and 3-digit code at the back.
But emails are not the only way of the ‘MyGov scam artist’ – text messages are on the rise too.
In some cases, you may even receive a text message from somebody claiming to be from MyGov stating that you are eligible for a refund.
MyGov never does this.
Assistant Commissioner of the ATO, Ben Foster stated that:
“The ATO and myGov does send emails and SMS messages, however will never send you an email or SMS with a hyperlink directing you to a login page for our online services”.
The Assistant Commissioner went on to say:
“In the lead up to tax time, we expect to see more of these malicious attempts to harvest identity details. So we encourage everyone to be on alert and take the time to remind family and friends to be on the lookout and stay safe online.”
Scammers do not discriminate in who they target – as long as you have money, you’re a candidate.
However, people over the age of 65 are those who are more likely to get tricked into giving their details.
How to avoid fraud this financial year
There are a few simple ways you can get ‘cyber smart’ and steer clear of financial fraud this year.
Don’t let trickers steal your hard-earned money. If you follow these easy steps, you can go that extra mile and secure your hard-earned dollars from those who are out to do no good.
Knowledge is power
The first thing to do is know how the ATO, MyGov and other government authorities will communicate with you.
The ATO and MyGov will never send you an email or a text message asking you to click on a link in order to access some online service.
Enable two-factor authentication on MyGov
Login to MyGov and set up two-factor authentication for an extra layer of protection.
You can, for instance, select the option to receive a security code via text message when you decide to login to your MyGov account.
Simply sign into MyGov and switch it on in “Account settings”.
Check the email address
When you receive any email, the first thing you should always do is check the email address. Who has actually sent it to you? Common sense comes into play here.
If you’re received an email from ‘MyGov’, but the email address is “mygov@92849jxxxjd.com.au”, “admin@mygov117.com.au” or even “support@mygovdonotreply.freshdesk.com”, then you can be fairly certain that email is not legitimate.
If you’ve received an email with one of those bizarre email addresses and you think it’s a scam artist, report it to the ATO or to Scamwatch.
Be careful about links and attachments
You always want to be careful when an email or a text message, especially from an unknown or a mysterious source, asks you to click on a link or an attachment.
That link could take you to a ‘secure form’ asking you to type in your personal details or your credit card information.
That attachment could download malware into your computer (or phone) and, in the worst-case scenario, hold it to ‘ransom’. That simply means uploading a harmful virus into your software, and threatening only to remove it if you hand over large sums of money
Log into MyGov safely
If you are logging into MyGov, make sure you always ensure your browser reads https://www.myGovID.gov.au or https://myGovID.gov.au.
You should see a red flag if the browser says something like ‘mygovau.net’ or something completely out of the ordinary like ‘pletycmc.sk’ (it’s happened before).
Be password-safe
Everybody is guilty at some stage of having a simple “122333” password or their birthday as their password. Don’t do that – create a complex password to minimise the chances of somebody breaking into your account.
If you’re having trouble remembering the dozens of passwords you might have on another account, write it down somewhere safe or download the OnePassword app to keep all your passwords together in one secure mobile platform.
Keep all your passwords secure, do not share them with anybody and change your password on a regular basis.
Download anti-virus software. There are many different anti-virus programmes you can download to ensure that your computer is safe. You can typically set these programmes so they update themselves every day. This can ensure your systems are afforded the most up-to-date protection.
Some programs will automatically come with your computer, such as Microsoft Defender with Windows 10. But you can also download software such as Norton Antivirus, McAfee or Bitdefender (please note we don’t promote any of those products, and are just listing them for your general information).
Back up your data
You should always keep duplicate copies of your important information somewhere that’s not immediately on your computer’s hard drive. For example, you can store it on a physical hard drive or a cloud-based software. That way, if you lose your data because of some cyber scam, you will still have access to your backups.
Don’t ‘set and forget’
You should always review your cyber habits and ensure you are adopting the best practices when it comes to cyber security every day.
Where to report scams
If you’re suspecting a scam, report it to Scamwatch immediately.
If the scam is from somebody claiming to be from the ATO, you can also report it by calling 1800 008 540 or reporting a scam via their website or mobile app.
For more information and advice on online scamming, you can also read more information provided by the Australian Cyber Security Centre or ring Services Australia’s Scams and Identity Theft Helpdesk on 1800 941 126.
Connect with us today to discover how 2account can tailor its expertise to help you achieve your business vision.
Book a free discovery call
Email us at admin@2account.com.au
Call Renee directly on 0417 113 827