A new report has revealed that scammers are infiltrating Aussies’ Centrelink, Australian Taxation Office (ATO) and Medicare accounts by creating fake myGov accounts. Fraudsters then make false claims for Centrelink payments or bogus tax claims worth thousands.

The investigation into myGov fraud discovered scammers were accessing Aussies’ accounts through a process called “unauthorised linking”. This is where a genuine myGov customer’s service account account is linked with a fake myGov account created by a fraudster, without their knowledge.

Commonwealth Ombudsman Ian Anderson found myGov’s current security measures did not “adequately protect people” from their accounts being linked and exploited where there had been identity theft.

RELATED

• Aussie bank's incredible move after scammer conned small business out of $900,000

• Aussie jobs paying up to $200,000 with no uni degree: 'Crying out for people'

• Major $300 rebate update after millions miss out on cost-of-living support

It found current measures were more focused on stopping fraudsters getting into genuine accounts, rather than stopping them from taking a “side entrance” to accounts through unauthorised linking.

“People have told us about the stress and anxiety they experienced when their personal information was stolen, and fraud committed in their name,” Anderson said.

The report also found there were not enough security controls in place to ensure “high-risk transactions”, such as changing bank account details, were authorised by genuine customers.

“Given the volume and sensitivity of information held in member service accounts linked to myGov, robust protections to stop fraudsters gaining unauthorised access to myGov accounts are essential,” Anderson said.

Have you fallen victim to scam? Share your story with tamika.seeto@yahooinc.com

How are hackers getting into myGov accounts?

Fraudsters are using stolen personal information to access people's Centrelink, Medicare and ATO online accounts through myGov.

They can steal people’s identity through targeted attacks like the Optus and Medibank data breaches, phishing scams, buying someone’s information through the dark web, or stealing personal information through rubbish or mailboxes, the report said.

Once they have access to people’s myGov accounts, scammers submit false claims for Centrelink payments, advances or loans in their name, redirect government payments, and submit false tax returns to claim refunds.

People also reported being unable to access financial assistance, such as the Child Care Subsidy, due to fraudsters’ actions.