Australia markets closed
  • ALL ORDS

    7,418.60
    -29.00 (-0.39%)
     
  • AUD/USD

    0.6711
    -0.0042 (-0.62%)
     
  • ASX 200

    7,229.10
    -30.40 (-0.42%)
     
  • OIL

    73.97
    -2.31 (-3.03%)
     
  • GOLD

    1,761.50
    +7.50 (+0.43%)
     
  • BTC-AUD

    24,154.30
    -645.39 (-2.60%)
     
  • CMC Crypto 200

    379.76
    -2.89 (-0.76%)
     

Centrelink recipients warned: 'Refund in process'

Centrelink building. Australians standing outside.
Aussies who use myGov have been warned of a new phishing scam that tries to steal your details. (Source: Getty)

Aussies have been warned of a new phishing scam - claiming to be from myGov - that tries to steal your personal details.

Mailguard has urged all Aussies who use myGov, including those on Centrelink, to look out for a scam email with the subject line “Refund in process (1)”. The email claims you are eligible for a refund following an “annual calculation”. You are then asked to click a button to claim the refund.

There are a few immediate red flags in the email, Mailguard said.

“Although the email has a somewhat professional finish, there is no myGov branding used, and it’s littered with spelling mistakes (e.g. ‘proccess’, ‘eliqible’, and ‘from’ instead of ‘form’) and grammatical errors,” Mailguard said.

myGov scam email.
Aussies have been urged to look out for the scam email. (Source: Mailguard)

When the recipient clicks the button, they are taken to a phishing page that asks them to sign into their myGov account. The scammers then try to steal your myGov email address and password.

“Fortunately, myGov accounts have multi-factor authentication enabled, which should hopefully prevent unauthorised access, but the scam doesn’t stop there,” Mailguard said.

On the next page, you are asked to enter your bank card details, including your name, card number, expiration date and CCV/CVV.

Victims are then directed to a one-time password confirmation page - which Mailguard says “looks genuine” - with myGov and Australian Government logos.

Delete it immediately

Mailguard said recipients should delete the email immediately without clicking on any links.

“If you believe you may have already fallen for this scam, we recommend you change your myGov password as soon as possible and contact your bank to put a hold on your credit card,” it said.

Services Australia said myGov would never ask you to open a link in an email or SMS, and would never ask you to sign in through an email. You will only get links through a myGov inbox message.

Follow Yahoo Finance on Facebook, LinkedIn, Instagram and Twitter, and subscribe to the free Fully Briefed daily newsletter.