It wasn’t me: The tax fraud scam

The Collective Team - Blog Headers (1)

You login to your myGov account to find that your activity statements for the last 12 months have been amended and GST credits of $100k issued. But it wasn’t you. And you certainly didn’t get a $100k refund in your bank account. What happens now?

In what is rapidly becoming the most common tax scam, myGov accounts are being accessed for their rich source of personal data, bank accounts changed, and personal data used to generate up to hundreds of thousands in fraudulent refunds. For all intents and purposes, it is you, or at least that’s what it seems. And, the worst part is, you probably gave the scammers access to your account.

But it’s not just activity statements. Any myGov linked service that has the capacity to issue refunds or payments is being targeted. Scammers are using the amendment periods available in the tax law to adjust existing data and trigger refunds on personal income tax, goods and services tax (GST), and through variations to pay as you go (PAYG) instalments. In some cases, the level of sophistication and knowledge of how Australia’s tax and social security system operates is next level.

Once the scammers have access to your myGov account, there is a lot of damage they can do.

So, how does this happen and why is it so pervasive? Humans are often the weakest link.

Common scams utilise emails (78.9% of reported tax related scams in the last 12 months) or SMS (18.4% of reported scams) that mimic communication you might normally expect to see. The lines of attack used by tax related scammers are commonly:

  • Fake warnings about attempted attacks on your account (and requiring you to click on the link and confirm your details);
  • Opportunistic baiting where some form of reward is flagged, like a tax refund, that you need to click on the link to confirm and access; and
  • Mimicking common administrative notifications from the Australian Taxation Office (ATO) like a new message accessible from a link.

Approximately 75% of all email scams reported to the ATO to March 2024 were linked to a fake myGov sign in page.

How to spot a fake

  • The ATO, Centrelink and MyGov don’t use hyperlinks in messages. If you receive a message with a link, it’s a fake.
  • The ATO will not use QR codes as a method for you to access your account.
  • The ATO will never ask for your tax file number (TFN), bank account details or your myGov login details over social media. Some scammers have used fake social media accounts mimicking the ATO and other Government agencies. When a query comes in, they respond by asking for information to verify it’s you. The ATO will never slide into your DMs. ATO Assistant Commissioner Tim Loh said, “it’s like giving your house keys to a stranger and watching them change your locks.”
  • The ATO do not use pre-recorded messages to alert you to outstanding tax debt. The ATO will not cancel your TFN. Some scammers suggest that your TFN has been cancelled or suspended due to criminal activity or money laundering and then tell you to either pay a fee to correct it, or transfer your money to a ‘safe’ bank account to protect you against your corrupted TFN.
  • The ATO will not initiate a conference call between you and your tax agent and someone from a law enforcement agency. In one case, the taxpayer was told that the caller was from the ATO and a person from her accounting firm was on the call as well to represent her and work through a problem. The ATO caller and the tax agent were fake. Just hang up and call our office if you are ever concerned. The ATO will never initiate a conference call of this type.
  • The ATO will also not ask you to reconfirm your details because of security updates to myGov. The link, when activated, takes you to a fake myGov web page that can look very convincing.

In general, you should always log into your myGov account directly to check on any details alerted in messages rather than clicking on links. This way, you know that you are not being redirected to somewhere you should not be.

And, don’t log into your myGov account on free wifi networks. Ever.

Who is getting scammed?

The ATO says that the demographic who most reported providing personal information to scammers was 25 to 34 year olds. And, the younger generation are more likely to fall for investment scams. According to the AFP-led Joint Policing Cybercrime Coordination Centre (JPC3), people under the age of 50 are overtaking older Australians as the most reported victims of investment scams. Australians reported losing $382 million to investment scams in the 2023-24 financial year. Nearly half (47%) of the investment scam losses involved cryptocurrency.

Other scams

Investment scams

Pig butchering. Pig butchering is a tactic where scammers devote weeks or months to building a close relationship with their victims on social media or messaging apps, before encouraging them to invest in the share market, cryptocurrency, or foreign currency exchanges. Victims think they are trading on legitimate platforms, but the money is siphoned into an account owned by the scammers, who created fake platforms that look identical to well-known trading and cryptocurrency sites. Scammers will show fake returns on these platforms to convince victims to invest more money. Once they have extracted as much money as possible, the scammers disappear with all the invested funds.

Deepfakes. Deepfakes are lifelike impersonations of real people created by artificial intelligence technologies. Scammers create video ads, images and news articles of celebrities and other trusted public figures to promote fake investment schemes, which can appear on social media feeds or be sent by scammers through messaging apps. Unusual pauses, odd pitches, or facial movement not matching their speaking tone are often giveaways but increasingly, the fakes are difficult to spot.

Invoice scams

The names and details of legitimate businesses are used to issue fake invoices with the money transferred to the scammer’s account. These scams are often tied to cyber breachers where hackers have accessed your systems and have identified your suppliers.

Bank scams

There has been a lot in the media of late about people receiving phone calls purporting to be from their bank, advising them there is a problem with their account, and then walking them through a resolution that involves transferring all their money into a ‘safe’ scammers account. Victims commonly state that they believed the scammer because of the level of personal information they relayed.

Your bank will never send an email or text message asking for any account or financial details, this includes updating your address or log in details for phone, mobile or internet banking.

A CHOICE survey found that four out of five of the victims of banking scams in their report said their banks did nothing to flag a scam before they transferred their money to the perpetrator.

The Australian Banking Association have stated that, if not already, banks will introduce warnings and payment delays by the end of 2024. And, in addition to other measures, they will limit payments to high-risk channels such as crypto platforms.

What to do if you have been scammed

If you have downloaded a fake myGov app, have given your details to a scammer, or clicked on a link from an email, text message or scanned a QR Code, contact Services Australia Scams and Identify Theft Helpdesk on 1800 941 126, or get help with a scam here.

Tax scams

Before acting on any instructions, please contact us and we will verify the information for you.

If you have already acted, contact the ATO to verify or report a scam on 1800 008 540.

The Government use external agency recoveriescorp for debt collection but we will advise you if you have a tax debt outstanding.

Need support or have questions this tax season?

Our friendly and experienced accounting team are here to help.

Talk to us today about maximising your outcomes and reducing your risks.

Give us a call on 02 8660 1355, or book in to see us here.

To be the first to know about tax and financial updates every month, sign up to The Collective Team’s newsletter.