Researchers discovered a new phishing campaign called “myGov scam” that targets Australians and steals their financial information. The targets should be wary of this newly emerged cybercriminal scam offering hundreds of dollars from myGov refunds.
One email sample tells a recipient that it has an outstanding refund from myGov, which appears legitimate since it came from an alleged government agency. However, it is a simple ploy for the hackers as they target people who need extra cash.
The myGov scam offers fake refunds from about $640 to $2200.
According to investigations, the myGov scam email explains how a recipient should click the fast online payment feature to receive the refund. Subsequently, the fake refund email will redirect the target to another webpage.
Once the user lands on the page, they will be prompted to enter their login details and billing information, such as name, address, phone number, CVV number, and credit card number.
Surely these details will be exfiltrated by cyber criminals and could potentially be utilised by them for other campaigns and financial gain. It is also possible that the data could end up on the dark web for sale.
The phishing page will also ask the target to provide details regarding their personal information in a separate form.
The scammers have included a feature on their page that the users should confirm their identity to process their refund. The feature increased the legitimacy of the website despite its malicious nature.
Scammers may also pretend to have important information that says the refund will only be processed if the user confirms their identity. One recipient stated that it accessed the link in the phishing message only to find that the scammers impersonated a homepage for all well-known Australian banks.
The government entity Services Australia, which disseminates the legitimate myGov emails, explained that they are aware of the malicious activity. They are urging Australians to be wary of the recent scamming attempts.
Services Australia assured everyone they would never send a message to any customer with forms asking for credentials or personal information.
