A new report has revealed that fraudsters are infiltrating Australian citizens’ Centrelink, Australian Taxation Office (ATO) and Medicare accounts by creating fake myGov accounts. Fraudsters then make false claims for Centrelink payments or false tax demands amounting to thousands.
During the investigation into the myGov scam, it was found that fraudsters were gaining access to Australians’ accounts through a process called ‘illicit linking’, which involves linking a genuine myGov customer’s service account to a fake myGov account created by a fraudster without their knowledge.
Commonwealth Ombudsman Ian Anderson found that myGov’s current security measures “did not adequately protect” people from having their accounts linked and misused in the event of identity theft.
RELATED
It turns out that the current measures are more aimed at preventing fraudsters from gaining access to real accounts than at preventing them from gaining “secondary access” to accounts through unauthorized links.
“People have told us about the stress and anxiety they experienced when their personal information was stolen and fraud was committed in their name,” Anderson said.
The report also found that there were insufficient security controls to ensure that “high-risk transactions,” such as changing bank account details, were only authorized by genuine customers.
“Given the volume and sensitivity of information stored in member service accounts linked to myGov, robust safeguards are essential to prevent fraudsters from gaining unauthorized access to myGov accounts,” Anderson said.
Have you been a victim of fraud? Share your story with [email protected]
How do hackers get into myGov accounts?
Fraudsters use stolen personal information to access people’s online Centrelink, Medicare and ATO accounts through myGov.
They can steal people’s identities through targeted attacks, such as the Optus and Medibank data breaches, through phishing scams, purchasing personal information on the dark web, or stealing personal data via junk or mailboxes, the report said.
Once fraudsters gain access to people’s myGov accounts, they submit false applications for Centrelink payments, advances or loans in their name, divert government payments and submit false tax returns to claim refunds.
People also reported that they were unable to access financial assistance such as childcare benefits due to the activities of scammers.
Services Australia responds
Services Australia has welcomed the report and confirmed that it will implement all of its recommendations.
The report recommended changes to improve security controls for unauthorized linking and high-risk transactions, including controls such as two-factor authentication.
In addition, Services Australia was recommended to establish formal processes to manage risk across the myGov ecosystem.
Services Australia acting chief executive Jarrod Howard said the organisation was committed to protecting people from identity theft and fraudsters. He said they were responding to more than 300 scams a week where people were impersonating myGov.
“Services Australia is committed to ensuring we quickly identify issues, threats and risks and take effective action to protect myGov and our customers,” Howard said.
Get the latest Yahoo Finance news – follow us on on facebook., LinkedIn And Instagram.
:quality(70):focal(801x495:811x505)/cloudfront-us-east-1.images.arcpublishing.com/shawmedia/T2JPUARLIZBCFCCNP2FSBXK27M.JPG "DeKalb and Sycamore know what to expect from annual rivalry showdown – Shaw Local")
