ATO warns of myGov scam campaign

The ATO has warned Australians to be on the alert for an SMS and email phishing campaign targeting myGov users.

Attackers are sending spoof email and SMS disguised as legitimate ATO and myGov SMS messages that include shortened links leading to compromised domains hosting pages designed to skim login details.

The ATO advised that no legitimate email or SMS notifications from myGov will include a link to log in to a user’s myGov account. The agency is also advising myGov users to make their accounts more secure by adding two-factor identification over SMS.

“All online management of your personal tax affairs should be done in ATO online services, accessed through your genuine myGov account,” the advisory states.

“Any communications containing your personal information, such as your tax file number (TFN), will be sent to your myGov inbox, not your email account.”

Suspected fraudulent SMS or emails can be sent to reportemailfraud@ato.gov.au.

Cloud security company Mimecast announced that its threat intelligence team has confirmed that a combination of COVID-19 and ATO-themed phishing campaigns commenced early this month.

“The Mimecast Threat Intelligence team observed a series of malicious sending addresses and Australian government-themed phishing pages, many of which appear worryingly legitimate,” the company said in a statement.

Spoof addresses used in the campaign include australiantaxaionofficegov@webmailalerts.com, atogov@webmailalerts.com and australiataxationoffice@secureadminemail.com.

Image courtesy Mimecast.