The Australian Tax Office (ATO) had fallen victim to a nasty impersonation scam that targeted cybersecurity vulnerabilities through myGov website and a 2017 federal government First Home Super Saver Scheme.
The issue began when Mr. Trevor Riessen — a Darwin resident, got a notification letter from the ATO a year prior, to an alternate tax return filed under his name. It was shocking to note that the funds were for a deposit on a house he had never heard of! Fortunately, he was able to put a pause before the money was handed over to the scammer.
However, that was not the end.
Early in 2019, he again received an alarming notification stating, “Congratulations, we’ve transferred a sum of money out of your superannuation account”!
Though the money was sent from his superannuation, ATO hadn’t paid it out. So, he was able to stop the transfer this time too. It proves to be the case of falsified account details to someone who was apparently acting on his behalf.
This raises an obvious question: How can someone act on one person’s behalf?
Mr Riessen is still waiting for the answer to this from ATO!
Cyber Spiders Are More Than Ever…
Cybercrimes are reported every 10 minutes in Australia. Nearly one in three Australian adults were hit by IT security issues in the year 2018.
And of these, online fraud is the most prevalent crime, with making people click on malicious links in messages claiming to be from their bank and fill out their info. It also involved people deceived by online love rats who were convinced to wire many dollars abroad. This was closely followed by identity scams, with criminals opening bank accounts in other people’s names.
ATO Alarms Blare!
Statistics reveal, while people are self-reporting being prey to cybercrime, some organizations, who become involved in scams, are more reluctant. Although many individuals have turned “impassive” about their responsibility encompassing data breaches, the same can’t be said for how they feel businesses should respond.
Businesses maintain a large number of client details that are of interest to identity thieves. Criminals may target your business practice to obtain your clients’ info for fraudulent refunds, or trick you into opening attachments that install malware or ransomware on your systems.
So, stay alert! Start reviewing your existing cybersecurity procedures with the help of an expert cybersecurity company to prevent fraud and secure your data and practice.