iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Fraudsters are using fake myGov emails to target vulnerable Australians following the Christmas holidays.
The emails, addressed to “Dear Customer” and promising a refund of $640.98, use legitimate-seeming MyGov branding and logos. However, they originate from a slightly different address: refund(at)my(dot)gov(dot)au.
The address is not accurate, but is close enough that some users could be tricked into thinking the emails are aboveboard.
The email instructs recipients to click a link that will give them a “fast online payment”. The link in question appears to be the real deal, but it actually takes users to a phishing site. Again, official-seeming myGov branding is evident.
The site then asks for a user’s actual myGov password and username.
According to MailGuard, who first reported the scam, these details “will be harvested by the cyber criminal and stored for later use”.
The scam site then asks for a user’s “Billing Informations” (poor spelling and grammar is always a sure sign of scams such as this) — their name, address, complete credit card details including CVV, and phone number.
“These details will again be stolen by the criminal and will likely be used for their personal financial gain or sold on the dark web,” MailGuard says.
This is not the first time myGov has been used to target scam emails. Refund scams like this one were reported in June, October, and November of 2022. Services Australia has a page dedicated to such scam alerts, though this specific one is not yet listed.
myGov states on its own Scams page how to avoid falling prey to such tricks.
“myGov is delivered by Services Australia,” the site says. “We will never send you an email or SMS with a hyperlink directing you to sign in to your myGov account. Always access myGov by typing in the web address yourself.”
Further, myGov will never ask for details such as username and passwords, or other personal information.
Cyber Security Connect reported on a range of government ID data being circulated online last year in November, including myGov and ATO details. An ABC investigation found that some of this material was being sold on the clear web for as little as $1.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
