Story image

ATO scammers steal $50k's worth of cryptocurrency from Australian taxpayers

19 Mar 2018

Australians should be wary of emails or phone calls appearing to be from the Australian Tax Office (ATO) that demand cryptocurrency payments for fake tax debts.

According to recent reports to the ATO, Australians have lost more than $50,000 worth of Bitcoin to the scams in late 2017.

According to Stay Smart Online, anyone can be targeted by the scam.

“Cryptocurrency operates in a virtual world, and once the scammers receive payment, it’s virtually impossible to get it back,” comments ATO Assistant Commissioner Kath Anderson.

While scammers may be adopting cryptocurrencies as a way of getting money, Anderson says the popularity and anonymity that cryptocurrencies provide make it an attractive method for scammers.

“Scammers are constantly adapting their methods to maximise their chances of picking your pocket.”

ATO says taxpayers should be vigilant for other versions of the fake tax scam.

Other versions include asking for direct deposits into third-party bank accounts, demanding payment via iTunes cards or with pre-paid Visa cards.

Third-party bank account payments account for more than half of all losses from scams – equating to approximately $1.2 million in lost funds last year.

“In 2017, the ATO received over 80,000 reports of scams, with taxpayers reporting almost $2.4 million lost to scammers claiming to be from the ATO,” comments Anderson.

“Over $900,000 worth of iTunes gift cards were reportedly paid to scammers – by almost one third of all victims. We are hoping that the new warnings Apple is including on their gift cards will help people realise the ATO doesn’t accept payment in iTunes cards.”

Anderson also says the ATO is concerned some taxpayers may be tricked into sharing personal information such as their Tax File Number.

 “If you receive a phone call out of the blue, threatening police or legal action if you don’t pay a debt, or the person calling you is rude and aggressive, hang up, it won’t be the ATO. Any call-back number provided should be checked via an independent internet search to ensure you are calling the ATO.”

"If you have received an unexpected email or threatening phone call that claims to be from the ATO and demands payment via Bitcoin or cryptocurrency, iTunes cards, or pre-paid Visa gift cards, don’t make the payment,” Stay Smart Online says in a statement.

Stay Smart Online offers the following tips for staying safe.

  • Keep your personal information such as your Tax File Number and birth certificate secure and safe. Don’t carry them around in a wallet or handbag or saved on a phone.
  • Be suspicious of any unexpected emails or threatening phone calls that claim to be from the ATO.
  • Check that a payment method is legitimate before making a payment.
  • Don’t overshare on social media and check the privacy settings on your online accounts.

“Remember, your personal information is like the keys to your identity – guard it carefully. And if you think you’ve been scammed or would like to confirm the legitimacy of an ATO call or letter, phone us on 1800 008 540,” Anderson concludes.

Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
WatchGuard announces A/NZ partners awards
Four Australian companies were named partner award winners at the WatchGuard conference in Vietnam.
Telstra’s 2019 cybersecurity report
Cybersecurity remains a top business priority as the estimated number of undetected security breaches grows.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Why cybersecurity remains a top business priority
One in two Australian businesses estimated that they will receive fines for being in breach of new legislation.