Cyber Security and Scam Awareness: Safeguarding Your Information 

/

The Australian Taxation Office (ATO) has observed an increase in scams that target individuals’ Personally Identifiable Information (PII). 

In 2022, the most common piece of PII given to scammers was a person’s birthdate.  Nowadays, scammers are looking for more valuable information. 

The ATO has seen an increase in reports of scams targeting people’s PII in the last year.  Some scammers target PII that includes people’s myGov sign-in credentials, which are the doorway to your ATO accounts and financial information. 

PII makes up pieces of a puzzle that, when put together, can allow scammers to form a detailed picture of a person’s identity.  Scammers could use this information to falsely assume a person’s identity and commit crimes, such as tax fraud, in their name. 

 

Want to stay in the loop with my regular newsletter?

Each month I share business, bookkeeping, and QiBalance updates.



How You Can Stay Safe 

To protect your PII, some key points to remember are: 

  • Stop – Don’t share any PII unless you trust the person you’re communicating with and they have a legitimate need for your details. 

  • Think – Always consider if a message or call could be a fake.  Never click on hyperlinks to an online login portal from an unexpected source. 

  • Protect – If you notice any suspicious activity on your ATO accounts, contact the ATO immediately. 

Your security is important, so please stay vigilant and protect your information.  Following the simple steps above could prevent a scammer from piecing your identity together. 

If you do encounter a scammer, don’t engage. Report ATO-related scams via ReportScams@ato.gov.au or use the online form at ato.gov.au/scams

How We Can Help

QiBalance Bookkeeping can also support you to safeguard your PII.  We protect client information by implementing secure practices in the storage and use of data.  We can also help educate clients on the importance of protecting personal details, and we encourage our clients to verify requests for sensitive or otherwise identifying information. 

At QiBalance Bookkeeping, we endeavour to stay informed about security threats, which enables us to provide our clients with guidance and timely updates.  We proactively manage personal  information, promote best practices and prompt reporting of suspicious activity, helping to maintain the integrity of client identities. 

It can be helpful to have a conversation with your bookkeeper about protecting your PII – especially your myGov credentials. 

Further information, and practical steps to help protect your own information, are available at ato.gov.au/protectyourself

Source: ATO – Scams are on the rise. Protect client information 

Scams to Watch Out For: myGov Email Impersonation Scams 

The ATO and Services Australia are warning people to stay vigilant as they continue to receive a high number of phishing scam reports that impersonate government agencies. 

In February 2024, ATO-branded emails containing links to fake myGov websites were the scam most commonly reported to the ATO.  Over the past 6 months, approximately 75% of all email scams reported to the ATO have linked to a fake myGov sign-in page. 

Scammers use fake myGov websites to try to steal sign-in credentials and gain access to myGov accounts.  Once a scammer has someone’s myGov access, they can make fraudulent lodgements in that person’s name, and can also change bank details so that any payments are redirected to a scammer’s account. 

Scammers use different phrases to try and trick people into opening these links. 

Some examples are: 

  • “You are due to receive an ATO Direct refund.” 

  • “You have a new message in your myGov inbox – click here to view.” 

  • “You need to update your details to allow your Tax return to be processed.” 

  • “We need to verify your incoming tax deposit.” 

  • “ATO Refund failed due to incorrect BSB/Account number.” 

  • “Your income statement is ready; click on the link to view.” 

Some examples of the format this scam can take are shown below: 

Remember:

Genuine ATO and myGov communication will not include a link to access online services.  Online services should be accessed directly by typing ato.gov.au or my.gov.au into your browser. 

Any suspicious contact claiming to be from the ATO should be reported to ReportScams@ato.gov.au

  • You can find out more about scams impersonating myGov at my.gov.au/scams

  • Scams that do not impersonate the ATO, myGov, or a Services Australia brand can be reported to Scamwatch

Source: ATO – Scam alerts