MailGuard, a global email security firm, is warning Australians to look out for new “myGov” Services Australia refund scam emails.
According to MailGuard, cybercriminals have been sending emails claiming that the recipient has “an outstanding refund of $640.98 from MyGov.” They instruct the user to click a link to “accept a fast online payment,” which appears as though it will take the user to a genuine myGov login page, although it is only regular text that has been hyperlinked and directs to a phishing site. The sender name shows as “myGov,” and the email comes from “refund(at)my(dot)gov(dot)au.”
The email address is not associated with myGov. However, it looks similar enough to it legitimate address that it could trick an unsuspecting individual.
On the page, the user is asked to enter their “billing informations,” such as:
In a statement, myGov advised users to always access the website by typing in the web address rather than clicking on links.
“myGov is delivered by Services Australia. We will never send you an email or SMS with a hyperlink directing you to sign in to your myGov account,” it added.
MailGuard is blocking the myGov cyber scams. It urges users not to click or open attachments within emails that:
“All that it takes to devastate your business is a cleverly worded email message that can steal sensitive user credentials or disrupt your business operations. If scammers can trick one person in your company into clicking on a malicious link or attachment, they can gain access to your data or inflict damage on your business,” MailGuard said.
The cyber environment is expected to become more hostile this year. The myGov scam follows the news website Guardian Australia’s cyberattack that forced its employees to work remotely.