Story image

Fake myGov email & SMS scam asks for pics of passports, driver licences

18 Apr 2017

Security watchdog Stay Safe Online has issued a critical alert to Australians, warning them of a fake email and SMS scam purporting to be from myGov.

The messages gather confidential details and use them for malicious purposes. This seems to be the second round of messages disguised as myGov emails, as a similar campaign was conducted earlier this year.

The email messages, which use myGov branding and design, use the subject line ‘Australian Government and myGov must verify your identity’. 

The emails are designed to trick users into providing their myGov credentials such as username and password, as well as credit card details including the number, expiration and security code. 

The scam is also circulating by SMS and is apparently separate from the email campaign. It tricks users by stating that ‘incorrect details’ are ‘suspected’ in their accounts and unless they upload the right documents, their account will be suspended.

Users must then click on a link that asks them to uploads photos of passports, driver’s licences and other information.

Stay Safe Online states that users should not click any links in the messages or submit any personal information. Those who have submitted information should contact their providers (banks, the Australian Passport Office and the state responsible for issuing drivers’ licences).

In addition, anyone who has received an email claiming to be from myGov or the Department of Human Services and logged in using the link should contact the myGov helpdesk immediately on 13 23 07.

The Department of Human Services does not include any links in email or SMS messages it sends to recipients.  Users are urged to only use my.gov.au in their browser and ensure that https:// is at the front of the web address. 

Stay Smart Online recommends that users do not open emails from unknown senders and be wary of unexpected emails. Contact  providers through their genuine number if unsure.

Users can also submit cybercrime to the Australian Cybercrime Online Reporting Network (ACORN). 

Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Aussies too lax about IoT security - McAfee
Aussie consumers are at a loss when it comes to securing the increasing number of connected devices in their homes and are often opting to take no action at all.
Barracuda expands MSP security offerings with RMM acquisition
Managed Workplace delivers an RMM platform with security tools and services, such as site security assessments, Office 365 account management, and integrated third-party antivirus.
Flashpoint: APAC companies must factor geopolitics in cyber strategies
The diverse geopolitical and economic interests of the states in the region play a significant role in driving and shaping cyber threat activity against entities operating in APAC.
Expert offers password tips to aid a stress-free sleep
For many cybersecurity professionals, the worries of the day often crawl into night-time routines - LogMeIn says better password practices can help.
SolarWinds extends database anomaly detection
As organisations continue their transition from purely on-premises operations into both private and public cloud infrastructures, adapting their IT monitoring and management capabilities can pose a significant challenge.
NATO picks BlackBerry's encrypted voice technology to secure calls
The NCI Agency acquires, deploys and defends communication systems for NATO's political decision-makers and command centres