Tax and cryptocurrency scams: how to avoid getting stung
Tax time is attracting scammers, who have already been busy targeting the latest bitcoin boom. Here’s how to protect yourself.
SmartDaily
Don't miss out on the headlines from SmartDaily. Followed categories will be added to My News.
Tax and cryptocurrency – two of the most popular topics for workers and investors right now – have become two of the biggest targets for scammers.
Cybersecurity and fraud protection specialists have noticed a seasonal spike in activity and say there are some important defence tactics consumers should consider.
The Australian Taxation Office last month warned of a new impersonation scam where a fake email claiming to be from myGov asked people to click a bogus link to verify their identity, and says it expects to see more malicious attempts to harvest personal details.
ALWAYS BE SUSPICIOUS
Computer security company McAfee’s senior vice president of consumer marketing, Judith Bitterli, says people should be hyper-vigilant.
“Consumers must proceed with caution this end of financial year, treat all emails, phone calls and texts with the utmost suspicion, and triple-check all communications and web addresses are legitimate before inputting any personal information,” she says.
“The ATO will never send you a text or email that includes a link that requests you log into your account. Nor will the ATO threaten to lock or suspend your account or request you pay a fine over the phone.”
If unsure about any approach, people should go directly to the source rather than rely on provided links or phone numbers, and should also download security software, Bitterli says.
IT security company Sophos sees a lot of emails, texts and phone calls from scammers around tax time.
CHECK SCAM ALERTS
Sophos global solutions engineer Aaron Bugal says the scams often look and sound legitimate.
“Scammers copy the formatting and imagery from actual ATO emails and ask citizens to provide their details,” he says.
“The most recent scam calls are computer generated, have an Australian accent and threaten legal action due to ‘your tax file number being restricted’ – just another ruse; the ATO does not suspend tax file numbers.”
Bugal says people should:
• Check email addresses closely when contacted – “don’t fall for the @at0.gov.au or any other variant”.
• Check the current scam alerts on ato.gov.au.
• If unsure contact the ATO directly using the number on its website.
• Know that the ATO does not threaten to arrest people or use other scare tactics.
TAKE CARE WITH CRYPTO
Surging prices of bitcoin and other cryptocurrencies in the past year – before their recent retreat – prompted scammers to step up their attacks on crypto clients.
Bugal says cyber-criminals are seasonal. “They go with what’s trending, and crypto is definitely trending right now,” he says.
“Crypto is a new world for most people, but don’t be fooled by crypto-jargon and a professional looking website.
“Anyone can set up a website and plaster it with crypto-speak – don’t let it overwhelm you into making investment decisions you don’t understand. If it sounds too good to be true, it probably is.”
NortonLifeLock senior director Mark Gorrie says people should used established cryptocurrency exchanges rather than those sending emails or ads promising quick and easy crypto transactions.
“While cryptocurrency itself offers anonymity, the buying and selling of cryptocurrency involves inputting personal information such as your financial details,” he says.
Gorrie says crypto traders and investors should always use two-factor authentication to secure their online wallets.
“A strong password suggested by a password manager will add an extra level of security and make it more difficult for coins to be stolen,” he says.
WATCH FOR THESE ATTACKS
• Phishing texts and emails appear to come from legitimate sources such as the ATO and typically ask consumers to click on fake links designed to either infect devices or steal personal information.
• Robocalls are automated messages played on a phone call, posing as a government or law enforcement body, and often demand payment and threaten fines or jail time.
• Phony apps and websites look like the legitimate source and trick into handing over their personal, account or financial information to log in.
Source: McAfee
More Coverage
Originally published as Tax and cryptocurrency scams: how to avoid getting stung