Millions of myGov users warned about $688.64 Medicare refund

Medicare and myGov users have been warned about a new email scam.

myGov users have been warned to watch out for a new email scam doing the rounds. (Source: Getty/MailGuard)

If you have received an email claiming to be from myGov implying you have a Medicare reimbursement, think twice before opening it.

MailGuard has warned millions of Aussies about the new email scam with the subject line “Your Medicare Claims from MyGov”.

While the sender name shows as myGov, the actual sender comes from a compromised account at Stuttgart University in Germany, MailGuard warned.

“The email is a relatively plausible replica that's likely to catch some people unaware. It uses Australian Government branding in the header, addresses the recipient as ‘myGov User’, and then explains that: ‘Your Medicare claims and payment are now available for filing and disbursemnt [sic]’, before directing them to click on hyperlinked text that appears as though it will direct them to an Australian Tax Office claims page,” MailGuard said.

“In reality, it hides the true link, which will take the recipient to a phishing page.”

If the victim clicks the link it will take them to a phishing site, which replicates myGov’s login page but, on closer inspection, the URL is different from the official myGov page.

The phishing shows myGov logos to try and fool victims. (Source: MailGuard)

The phishing page asks the victim to enter their username and password, which are then harvested by the attacker.

Next, they are told a refund of $688.64 is available and, to receive it, they must enter their credit card details, including the name on the card, card number, expiry date and CVV. In addition, the criminals ask the victim to include their first and last name, full address, phone number and date of birth.

“This information, along with the rest that has already been entered, is very valuable for a cybercriminal and will likely be used for financial fraud,” MailGuard said.

“Finally, the victim is asked to enter a payment verification code, which likely signals the cybercriminal is trying to charge their card to verify it’s valid.”

Once the criminal is done harvesting the victim's details, the victim is redirected to the legitimate myGov website.

Services Australia said it would never send someone an email or SMS with a hyperlink and the site should only be accessed by typing the web address (https://my.gov.au/) directly into the browser.
