Every now and then we hear about a scam which is serious enough to alert our clients. This latest scam is a sophisticated attempt to get you to share your myGov login and bank account details.
How does the scam work?
The scam starts with a phishing email that looks like it is from Medicare, asking you to update your Electronic Funds Transfer (EFT) details…
…so you can start receiving payments for Medicare benefits and claims.
The scammers have set up a clone of the myGov website.
When you click through from the fake email you may be fooled into believing you are at the official myGov destination site.
These emails and web pages feature myGov and Medicare design and branding, making them appear legitimate.
The image on the left is a copy of the scam email. The image below shows the replica myGov website created by the scammers.
Don’t be fooled
If you click on the link in the email you are taken to a replica of the real myGov website. You’ll note the URL includes ‘.net’ instead of ‘.gov.au’, which is an indication the website is not a legitimate Australian Government domain.
If you input your login details you are directed to also enter your secret security question and answer, before you’re taken to the fake Medicare website to input your bank account details.
Do not click on the link and share your details or you will be giving these scammers access to your personal information, which they then use to steal your money and identity.
How to stay protected
There are some simple ways to avoid an email scam. The federal government’s StaySmartOnline service advises these tips:
- Do not click on links in emails or text messages claiming to be from myGov or Medicare. myGov will never send you a text, email or attachment with hyperlinks or web addresses.
- Don’t open messages if you don’t know the sender, or if you’re not expecting them.
- Be suspicious of messages that aren’t addressed directly to you, or don’t use your correct name.
- Login to your official myGov account by typing the web address into your browser, to check your inbox for any legitimate emails from Medicare.
- You can also contact the organisation separately to check if they have sent the message.
Email continues to be a popular method for criminals hoping to trick you into handing over your money or personal information.