Tax Scam Alert! Cyber Security Expert Warns Australians How To Avoid Scams This Tax Season

Australia, June 13, 2022 — Avast (LSE:AVST), a global leader in digital security and privacy is warning Australians to be extra vigilant over the coming months to avoid falling victim to a tax time scammer.

People right across the country will be looking to lodge their tax claims in the next months, giving cybercriminals a prime opportunity to seize, intercept and execute tax-related scams. Often, these scammers pose as someone you know – or an institution you use – and offer an easy “fix” to a problem you have in an official-sounding way or even give the victim a sense of urgency that they must hand over their information to be cleared of a financial issue.

Stephen Kho, cyber security expert at Avast says, “We know these scams have been prevalent in high numbers over the last few years, so it’s important to be on the front foot and know what to look out for when it comes to identifying fraudulent activity online, especially around tax time where we are having conversations around finances with various institutions.”

“Cybercriminals are always looking for new ways to steal your data, personal details or money through increasingly sophisticated scams and online threats and the timeliness hook of tax time helps them seem more legitimate.”

Stephen has shared three examples of prevalent tax scams to look out for, plus ways to avoid them.

Fake tax preparers claiming they can do your tax return fast, and for a low price.

How to avoid this scam:

• Check that your tax preparer is registered on theTax Practitioners Board (TPB) . They may display the TPB logo on their website, but you should still double check to ensure they are legitimate. (https://www.tpb.gov.au/registrations_search)
• Never share your myGov password with anyone. Sharing your information (such as your myGov password) with an unregistered practitioner puts your personal and financial affairs at risk.
• Setup your myGov account to use two factor authentication. You can use either the myGov Code Generator app or receive a code by SMS when logging in. This will further protect you from unauthorised access to your myGov account.

ATO phishing scams used to trick you into giving them your sensitive information

These scams work by impersonating a trustworthy and reputable company or individual to gain access to information such as usernames, passwords or credit card numbers.

In an Australian Taxation Office (ATO) phishing attack, the recipient will typically receive an “urgent” email, SMS or automated phone call claiming to be from the ATO with instructions to follow a link to log in or make a payment on an outstanding tax debt.

How to avoid this scam: 

•  If you receive a phone call, SMS, or email from the ATO, don’t click on links to log in to your account, send payments or provide any personal information. The ATO will never threaten you with immediate arrest, demand payment, or suspend your TFN. So, if you're not sure if it's the ATO contacting you, phone them directly using the phone number on their website to check.
•  It’s also worth installing a digital security product, like Avast One Essential, to protect you from any malicious software that you might download from a tax scam email, and using a secure browser with a VPN like, Avast Secure Browser, which has an Anti-Phishing solution in the desktop browser to defend against malicious threats when browsing the internet.

Emails posing as the CEO, director, or a payroll provider known as Business Email Compromise scams

In a business email compromise scam, attackers target those with financial-related roles and sometimes even employees. They then send emails asking for copies of payroll details or PAYG payment summary forms, which include all the personal information a cybercriminal would need to steal someone's identity. These emails start with a friendly greeting before getting to the request, attempting to put those targeted at ease before asking for the forms or details.

How to avoid this scam:

• If you work for a company, make sure to strictly follow your company’s payment authorisation/approval process.
•  Never send tax information electronically without first verifying with the sender in person or on the phone that they sent the request in the first place. It’s worth taking the extra precaution, as the likelihood of this type of scam increases during tax season.