It wasn’t me: the tax fraud scam
You login to your myGov account to find that your activity statements for the last 12 months have been amended and GST credits of $100k issued. But it wasn’t you. And you certainly didn’t get a $100k refund in your bank account. What happens now?
In what is rapidly becoming the most common tax scam, myGov accounts are being accessed for their rich source of personal data, bank accounts changed, and personal data used to generate up to hundreds of thousands in fraudulent refunds. For all intents and purposes, it is you, or at least that’s what it seems. And, the worst part is, you probably gave the scammers access to your account.
But it’s not just activity statements. Any myGov linked service that has the capacity to issue refunds or payments is being targeted. Scammers are using the amendment periods available in the tax law to adjust existing data and trigger refunds on personal income tax, goods and services tax (GST), and through variations to pay as you go (PAYG) instalments. In some cases, the level of sophistication and knowledge of how Australia’s tax and social security system operates is next level.
Once the scammers have access to your myGov account, there is a lot of damage they can do.
So, how does this happen and why is it so pervasive? Humans are often the weakest link.
Common scams utilise emails (78.9% of reported tax related scams in the last 12 months) or SMS (18.4% of reported scams) that mimic communication you might normally expect to see. The lines of attack used by tax related scammers are commonly:
· Fake warnings about attempted attacks on your account (and requiring you to click on the link and confirm your details);
· Opportunistic baiting where some form of reward is flagged, like a tax refund, that you need to click on the link to confirm and access; and
· Mimicking common administrative notifications from the Australian Taxation Office (ATO) like a new message accessible from a link.
Approximately 75% of all email scams reported to the ATO to March 2024 were linked to a fake myGov sign in page.
