DON’T CLICK: 18.7 million Aussies at risk of ‘sinister’ ATO scam

·2-min read
Confused millennial Indian girl sit at home look at cellphone having operational problems, frustrated young woman feel stressed with slow Internet connection, virus attack or spam on smartphone
Confused millennial Indian girl sit at home look at cellphone having operational problems, frustrated young woman feel stressed with slow Internet connection, virus attack or spam on smartphone

Scammers purporting to be from the Australian Taxation Office (ATO) are trying to steal Aussies’ bank details once again, cybersecurity firm MailGuard has revealed.

The firm intercepted an email that looks like it’s from the ATO, and advises taxpayers their tax refund of around $220 is ready for collection – all they need to do is “click here”.

That link takes them to a page that looks like the myGov login website. However, the domain doesn’t belong to myGov or the ATO, and is actually a phishing page.

Once users ‘log in’ to their accounts, scammers harvest their email address and passwords for later use, and Aussies are met with an error saying their credentials are invalid.

“This is a particularly sinister scam as cybercriminals are attempting to exploit vulnerable Australians, many of whom are suffering economic hardship as a result of the economic uncertainty caused by COVID-19,” MailGuard wrote.

“By falsely claiming that users are eligible for a tax refund, the cybercriminals behind the attack are cruelly capitalising on those unfortunate circumstances.”

With more than 18.7 million active myGov accounts, scammers are casting a wide net, and increasing their chances of being successful.

What do I do if I see a scam?

You can report a government scam to the ATO by phoning 1800 008 540.

You can also use the ATO’s online form, or report it via the online form in the Contact Us section of the ATO app.

If you receive a suspicious email or text claiming to be from the ATO, you can forward the entire email to ReportEmailFraud@ato.gov.au or take a screenshot of it and send it to ReportEmailFraud@ato.gov.au.

Make sure you delete the email or text, and do not click on it or download any files from it.

Sign up to the six-week financial bootcamp challenge!
Sign up to the six-week financial bootcamp challenge!

Signing up for the six-week challenge? Join the conversation at The Broke Millennials Club on Facebook.

Follow Yahoo Finance on Facebook, LinkedIn, Instagram and Twitter, and subscribe to the free Fully Briefed daily newsletter to make 2021 your best (financial) year yet.

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting