Advertisement
Australia markets closed

  • ALL ORDS

    7,937.90
    +35.90 (+0.45%)
     

  • AUD/USD

    0.6445
    -0.0006 (-0.09%)
     

  • ASX 200

    7,683.50
    +34.30 (+0.45%)
     

  • OIL

    82.22
    +0.32 (+0.39%)
     

  • GOLD

    2,309.00
    -37.40 (-1.59%)
     

  • Bitcoin AUD

    102,775.18
    +389.68 (+0.38%)
     

  • CMC Crypto 200

    1,423.47
    +8.71 (+0.62%)
     

Aussies told to look out for $640 ‘myGov’ refund email

Scammers are impersonating myGov to try and steal your personal information.

Eliza Bavin
·Personal Finance Editor
Updated ·2-min read
A copy of the myGov scam email.
Aussies have been warned about a new email scam impersonating myGov. (Source: MailGuard)

Coming off the back of the holiday season during a cost-of-living crisis means many could use all the extra cash they can get, but Aussies have been warned to watch out if they receive a myGov email claiming they are eligible for a refund.

Cybercriminals are well aware of the financial difficulties many Australians are currently facing and are taking advantage of this in a new email phishing scam, MailGuard has warned.

MailGuard intercepted the scam email, which had the subject line: “You have an outstanding refund from MyGov” and the sender name was even shown as “myGov”.

ADVERTISEMENT

“Although the email address is not associated with myGov, it’s similar enough to their legitimate address that it could easily fool any unsuspecting individual,” MailGuard said.

The email opens with a generic “Dear customer”, and then explains that the recipient has an outstanding refund of $640.98 from myGov. The user is then instructed to click a link in order to “accept a fast online payment”.

“The link appears as though it will take the recipient to a genuine myGov login page, although it’s just regular text, which has been hyperlinked, and actually directs to a phishing site,” MailGuard said.

After clicking the link, the user is redirected to a fake myGov login page, which uses Australian Government branding to “help feign authenticity”, MailGuard said.

“The user is directed to enter their username and password before proceeding. If entered, these will be harvested by the cybercriminal and stored for later use,” it said.

The potential victim is then asked to enter their full name, address, phone number and credit card details.

“These details will again be stolen by the criminal and will likely be used for their personal financial gain or sold on the dark web,” MailGuard warned.

“Refund scams are a cruel type of attack that target vulnerable individuals who could use the money promised. Instead, they risk financial and identity fraud.”

Follow Yahoo Finance on Facebook, LinkedIn, Instagram and Twitter, and subscribe to our free daily newsletter.