From the Newsroom

From the Newsroom

Scam email offering fake refunds

January 18, 2023
-

Rodney Stevens

 

A dangerous new scam circulating through emails offering recipients ‘outstanding refunds’ has prompted a warning from the Australian government and Scamwatch.

Email security software company MailGuard issued the alert after intercepting emails posing as official emails from government agency myGov.

With an enticing subject line reading ‘You have an outstanding refund from myGov’ the emails encourage recipients to read further.

Despite being sent from what appears to be myGov, with an Australian Government logo, the website address refund@my.gov.au is the first sign this is a scam, as it is clearly different to the official site https://my.gov.au/ .

The body of the email is impersonalised, addressed to Dear Customer, informing them they have a refund of $640.98 available from myGov.

A link to accept the payment online then takes the user to a fake login page, featuring Australian Government branding to seem authentic, where they are prompted to enter their username and password.

There the user is asked to provide their full name, address, phone number, credit card information and CVV number.

MailGuard said the details would likely be used by cybercriminals.

“These details will again be stolen by the criminal and will likely be used for their personal financial gain or sold on the dark web,” MailGuard said in a statement.

“Refund scams are a cruel type of attack that target vulnerable individuals who could use the money promised.

“Instead, they risk financial and identity fraud.”

Then the user is asked to enter a code that has been sent to their mobile – typically used to verify credit card purchases.

myGov warns it would never contact users via email in this manner.

“We will never send you an email or SMS with a hyperlink directing you to sign in to your MyGov account,” Services Australia said.

“Always access myGov by typing in the web address yourself.”

Services Australia and myGov will never send you an email or text message asking for your; Username, Password, myGov Pin, secret questions and answers or personal details.

“When you are signed in to myGov, the messages in your myGov Inbox are secure,” Services Australia said.

“It’s safe to open links included in myGov Inbox messages.”

Anyone who receives the suspicious email should delete it immediately without opening any suspicious links.

Share
Share
Tweet