If you have received an email claiming to be from myGov implying you have a Medicare reimbursement, think twice before opening it.
MailGuard has warned millions of Aussies about the new email scam with the subject line “Your Medicare Claims from MyGov”.
While the sender name shows as myGov, the email was actually sent from a compromised account at Stuttgart University in Germany, MailGuard warned.
“The email is a relatively plausible replica that's likely to catch some people unaware. It uses Australian Government branding in the header, addresses the recipient as ‘myGov User’, and then explains that: ‘Your Medicare claims and payment are now available for filing and disbursemnt [sic]’, before directing them to click on hyperlinked text that appears as though it will direct them to an Australian Tax Office claims page,” MailGuard said.
“In reality, it hides the true link, which will take the recipient to a phishing page.”
If the victim clicks the link, it takes them to a phishing site that replicates myGov’s login page, although on closer inspection the URL is different from that of the official myGov page.
The phishing page asks the victim to enter their username and password, which are then harvested by the attacker.
Next, they are told a refund of $688.64 is available and, to receive it, they must enter their credit card details, including the name on the card, card number, expiry date and CVV. In addition, the criminals ask the victim to include their first and last name, full address, phone number and date of birth.
“This information, along with the rest that has already been entered, is very valuable for a cybercriminal and will likely be used for financial fraud,” MailGuard said.
“Finally, the victim is asked to enter a payment verification code, which likely signals the cybercriminal is trying to charge their card to verify it’s valid.”
Once the criminal has finished harvesting the victim's details, the victim is redirected to the legitimate myGov website.
Services Australia said it would never send someone an email or SMS with a hyperlink and the site should only be accessed by typing the web address (https://my.gov.au/) directly into the browser.