DFK Gooding Partners

November 13, 2023

October was cyber awareness month; the reality, however, is that every month is cyber awareness month, and this November the scams are coming thick and fast. We've recently had a client fall victim to a well-crafted tax return scam, and just last week the ATO issued a scam alert for a Multifactor Authentication (MFA) email scam.

In the past it was easy enough to spot the scams when they came in. Unless you had personally met and befriended a prince from Nigeria, it was highly unlikely that said prince would suddenly be emailing you offering a share of a huge investment opportunity, or a fortune they couldn't get out of the country without your help. With the benefit of generative AI, scammers continue to mature in sophistication, and it is becoming increasingly hard to spot the scams and increasingly easy to fall for them.

Impersonation Scam – DFK Gooding Partners client case: November 2023

At the start of November we were advised one of our clients had become a victim of an ATO impersonation scam. The background is as follows:

  1. Our client clicked on a link in an email impersonating the ATO regarding a refund owing.
  2. The client was then asked to log into a fake myGov account and enter the two-factor authentication code, at which point her details were captured.
  3. The scammers then proceeded to lodge two fraudulent tax returns (2023 and an amended 2022) through her myGov, for a total of $10,000, without the client or tax agent being notified.
  4. The tax refunds were directed to the scammers' bank account.

This approach is very similar to the scam identified by the ATO in August 2023 (tax time SMS and email scams).

What to watch out for (why this scam was successful)

  • Visual design: the design of the correspondence (emails, landing pages etc.) was carefully done to appear as legitimate as possible.
  • Professional language: the wording is professional and in keeping with the professional tax communications the client was used to receiving. With the proliferation of AI content-generating tools, hackers can now craft very compelling language within scam emails.
  • Website address: the address in the link appears similar to, but is different from, the official ATO myGov website (https://my.gov.au/).
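The third point above is the one that can be checked mechanically before anyone clicks. The following is an added example (not code from DFK Gooding Partners or the ATO) that pulls the links out of an email body and reports whether each one really points at the official site, at a lookalike domain, or at something else. It assumes my.gov.au (named in the post) and ato.gov.au are the only official hosts, uses a constructed sample email, and treats the "mygov"/"atogov" lookalike tokens as a heuristic of our own.

```python
import re
from urllib.parse import urlsplit

# Official hosts: my.gov.au is named in the post; ato.gov.au is assumed to be the ATO's own domain.
OFFICIAL_HOSTS = ("my.gov.au", "ato.gov.au")
# Heuristic (an assumption): lookalike hosts usually embed the official name once dots/hyphens are removed.
LOOKALIKE_TOKENS = ("mygov", "atogov")

ANCHOR_RE = re.compile(r'<a\s[^>]*href=["\']([^"\']+)["\'][^>]*>(.*?)</a>',
                       re.IGNORECASE | re.DOTALL)
TAG_RE = re.compile(r"<[^>]+>")


def is_official_host(host: str) -> bool:
    """True only if host IS an official domain or a subdomain of one (suffix match on a label boundary)."""
    host = host.lower().rstrip(".")
    return any(host == h or host.endswith("." + h) for h in OFFICIAL_HOSTS)


def classify_host(host: str) -> str:
    """'official', 'lookalike' (official name embedded in an unrelated domain) or 'other'."""
    if is_official_host(host):
        return "official"
    squashed = re.sub(r"[.\-]", "", host.lower())
    if any(tok in squashed for tok in LOOKALIKE_TOKENS):
        return "lookalike"
    return "other"


def check_links(html: str) -> list:
    """Return (href, visible_text, verdict) for every anchor in an HTML email body."""
    findings = []
    for href, inner in ANCHOR_RE.findall(html):
        text = TAG_RE.sub("", inner).strip()
        host = urlsplit(href.strip()).hostname or ""
        verdict = classify_host(host)
        # The classic deception: the visible label names the real site, the href goes elsewhere.
        if verdict != "official" and any(h in text.lower() for h in OFFICIAL_HOSTS):
            verdict = "mismatched-label"
        findings.append((href, text, verdict))
    return findings


def has_suspicious_links(html: str) -> bool:
    """Anything that is not clearly official is a reason not to click."""
    return any(v != "official" for _, _, v in check_links(html))


# Constructed sample email body in the style of the refund lure described above.
SAMPLE_EMAIL = """
<p>A refund of $1,240 is owing. Sign in to claim it:</p>
<a href="https://my.gov.au.refund-claims-portal.com/login">https://my.gov.au/</a>
<p>Or use the official portal:</p>
<a href="https://my.gov.au/">myGov</a>
<a href="https://login.my-gov-au.net/verify">Verify MFA</a>
<a href="https://example.com/unsubscribe">Unsubscribe</a>
"""

if __name__ == "__main__":
    for href, text, verdict in check_links(SAMPLE_EMAIL):
        print(f"{verdict:17} {href}  (shown as: {text!r})")
    print("suspicious:", has_suspicious_links(SAMPLE_EMAIL))
```

The important detail is the suffix check in is_official_host: a host such as my.gov.au.refund-claims-portal.com begins with the official name but does not end with it, so it is never accepted, while a genuine subdomain like www.ato.gov.au is. The visible link text is checked separately because a reader sees the label, not the href.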

November 2023 – Multifactor Authentication (MFA) email Scam

The ATO has recently advised that scammers are emailing clients to tell them that, due to ATO security updates, they are required to update the multifactor authentication (MFA) on their ATO account.

The scam email includes a QR code which takes you to a fake myGov sign-in page, designed to steal your myGov sign-in details.

The ATO will never send you an email with a QR code or a link to log in to their online services.

What to do if you receive a fraudulent email

If you receive a fraudulent email, do not scan the QR code, click on links, open attachments or download files. Simply forward the email to reportscams@ato.gov.au, and then delete it. You can report other types of scams to Scamwatch, or contact the Australian Cyber Security Centre to report cybercrime.

If you receive an email from DFK Gooding Partners that looks suspicious, do not action it, or click on any links. Call our office directly and ask to speak with one of our team to confirm the request.