Thousands of myGov accounts are being suspended every month over fears they’ve been infiltrated by dark web software sold by criminals.
The federal government warned today Centrelink, Medicare and Australian Tax Office accounts were the targets of phishing attacks by scammers who were using so-called “scam-in-a-box” kits.
The technology can create a fake website and provide the know-how for scammers to launch a cyberattack.
Minister for Government Services Bill Shorten said Australians had already lost $3.1 billion to scams, including breaches of myGov, this year.
“The number of phishing scams that seek to impersonate myGov have increased dramatically,” he said.
“In 2023, there has already been more than 4500 new individual myGov scams.
“These fake sites and criminal gimmicks like ‘scams-in-a-box’ trick our citizens into giving criminals their user ID and passwords.
“The problem with these hacks, and the proliferation of phishing scams we now see, is that increasing amounts of stolen, identifying details end up on the dark web.”
After a myGov account is closed, the government agency works with affected people to set up new accounts.
Hackers are attracted to this type of scam because many Australians use one password for multiple accounts.
That offers maximum reward for minimum effort by cybercriminals.
“Statistics show that people reuse passwords at least 50 per cent of the time, making it possible for scammers and hackers to use the stolen password to access other online services,” Shorten said.
”myGov is now the number one digital government service used by Australians and Services Australia is working around the clock to counter scammers and hackers attacks.”
The government is finalising improvements to its ID verification, which is expected to better protect accounts against cyberattacks.
Two men have been charged in Victoria over a $100,000 alleged card skimming racket linked to a Romanian organised crime syndicate.
The 22-year-old Polish national and Romanian national, 35, were extradited from Queensland on Saturday and are scheduled to appear in a Melbourne court today.
Police will allege the men are involved in at least 44 events of using cloned cards linked with the ‘deep skimming’ insert device, fraudulently withdrawing at least $102,000.
Officers believe the men had been using disguises including glasses, face masks and scarves as well as using a hire vehicle which had been leased using assumed identities.
The investigation started in June when police became aware of a number of card skimming events specifically targeting NAB and Commonwealth Bank ATMs throughout Victoria, Queensland and New South Wales.
It will be alleged that those involved are a Romanian organised crime syndicate which has global links and targets financial institutions through the use of highly sophisticated means, including deep insert skimming devices.
Police believe those involved were inserting card skimming devices in ATMs to fraudulently obtain a victim’s bank card data, including card details and PIN numbers.
The cloned cards were then used at multiple ATMs throughout Victoria and other states to take victims’ money.
The investigation remains ongoing.
Anyone with information should call Crime Stoppers on 1800 333 000.
(9 News)
