Skip to main content Skip to log on Skip to search Accessibility at CommBank

Brighter / Brighter Magazine / How to avoid the latest tax scams

How to avoid the latest tax scams

29 April 2024

As if collating a year’s worth of paperwork and receipts wasn’t stressful enough, you really need to keep your wits about you at tax time. The mix of having personal and financial information at our fingertips and cost-of-living pressures makes it the perfect time for cybercriminals to target Australians. Unfortunately, access to our data and behaviour is making it easier than ever for them to appear legitimate. In January 2024 alone, the Australian Taxation Office (ATO) received 1,443 reports of ATO impersonation scams – a 105% increase from December.1

Scam activity ramps up around tax time, with CommBank research finding 1 in 4# people have seen or experienced an end-of-financial-year tax scam.

Recently, the ATO reported a rise in scammers emailing Australians and asking them to update the multifactor authentication on their ATO account as part of a security update.2 The scam email includes a QR code that takes people to a fake myGov sign-in page that appears real but is set up to steal their myGov details if entered.

James Roberts, CommBank’s general manager of group fraud management services, says scams are becoming more sophisticated. “We’re reminding everyone to stay alert to tax scams and to stop, check and reject suspicious requests. By staying informed, questioning suspicious messages, and verifying the legitimacy of communications, individuals can protect themselves from these fraudulent schemes.”

1. ATO impersonation scam

When Sydney-based chef Emily received a call from someone claiming to be from the ATO, she had no reason to be suspicious. The caller told her that the ATO had found discrepancies in her tax return and would take legal action if she didn’t pay an outstanding amount of money.               

Emily had recently submitted her tax return online and was uncertain about whether she’d completed the form correctly. Worried about the consequences of not complying with ATO rules, Emily gave the caller the requested personal information, including her tax file number. She also paid the alleged outstanding amount over the phone.                 

Later, Emily realised she’d been a victim of an ATO impersonation scam. Last financial year, the ATO said 25,609 of these scams were reported – a 25% increase on the previous year.3

2. Remote access scam

Paul, a teacher in Jindabyne, NSW, received a call from someone claiming to be from the ATO who said his tax returns were under review. The caller asked Paul to grant him remote access to his computer so the caller could walk him through the discrepancies, correct errors and avoid Paul having to pay penalties. Paul granted the caller access to his computer; and the scammer installed remote access software, to get access to personal and financial information on Paul’s computer. The scammer then used this information to steal Paul’s identity and commit financial fraud.

3. Email phishing scam

Sarah, a Brisbane student, received an email appearing to be from the ATO, requesting updated banking information to process her tax refund. The email had the ATO logo and was formatted the same way as other ATO emails. The spelling and grammar were also correct – there were none of the errors that often appear in scam emails. Sarah clicked a link in the email and entered her bank account details. But it was a phishing scam designed to steal Sarah’s personal and financial information – plus $4500 from her bank account.

Your tax-time scam-prevention playbook

Never click an ATO hyperlink

In January, the ATO announced it was removing hyperlinks from text messages as cybercriminals use hyperlinks to take victims to fraudulent websites and steal personal information or to install malware.                     

Beware of unsolicited communication

The ATO will not cold-call and ask for personal information or threaten you with arrest, demand immediate payment of a tax debt or fine, or cancel or suspend a tax file number.              

Never share sensitive information

Don’t give your tax file number or bank information, such as passwords. Real organisations won’t ask for these details via phone or email.             

Question pay requests

The ATO does not demand payment through gift cards, cryptocurrency, or bank transfers. 

Verify first

If you receive communication claiming to be from the ATO, check it’s legitimate by calling the ATO helpline on 1800 008 540. Don’t use contact details provided by a potential scammer.           

Contact your bank quickly

If you think you’ve been scammed, let your bank and the ATO know right away. “By acting quickly, you can help minimise damage by limiting the time the attacker has to use your compromised data,” says Roberts. “Taking swift action is a little bit like putting up a shield to protect your personal details.” If you’re a CommBank customer, you can also report the scam.

Stay up to date with scams

Be wary of texts and emails with phrases like you are due to receive an ATO refund; we need to verify your incoming tax deposit; ATO refund failed due to incorrect BSB/account number; or click here to receive a rebate.

Stay updated with latest scams, fraud and security alerts

Tags

Things you should know

1 ato.gov.au – Scam Data 2024 
  https://www.ato.gov.au/online-services/scams-cyber-safety-and-identity-protection/scam-data

# House of Brand Group, April 2023, sample of n=1,047 nationally representative 18+

2 ato.gov.au – Scam Data 2024 
   https://www.ato.gov.au/online-services/scams-cyber-safety-and-identity-protection/scam-data

3 Ato.gov.au – Latest updates on scams, cyber safety and identify protection
   https://www.ato.gov.au/online-services/scams-cyber-safety-and-identity-protection/latest-updates-on-scams-cyber-safety-and-identity-protection#ato-202223Scamsbynumbers
 


This article was originally published in Brighter Magazine

This article provides general information of an educational nature only. It does not have regard to the financial situation or needs of any reader and must not be relied upon as personal financial product advice. The views expressed by contributors are their own and don’t necessarily reflect the views of CBA. As the information has been provided without considering your objectives, financial situation or needs, you should, before acting on this information, consider the relevant Product Disclosure Statement and Terms and Conditions, and whether the product is appropriate to your circumstances. You should also consider whether seeking independent professional legal, tax and financial advice is necessary. Every effort has been taken to ensure the information was correct as at the time of printing but it may be subject to change. No part of the editorial contents may be reproduced or copied in any form without the prior permission and acknowledgement of CBA.

Bank with an institution that prioritises your safety:

“Our latest anti-scam initiatives, such as the Scam Indicator developed with Quantium Telstra and our NameCheck technology, aim to prevent and detect scams,” says CommBank’s James Roberts. Scam Indicator aims to flag scam phone calls, while NameCheck indicates if the account details that a customer enters look correct before a payment. “These tools play a key role in safeguarding customers against tax scams, providing them with confidence and protection during tax season.”