
Nasty myGov SMS scam doing the rounds, how to know

A very tricky myGov scam is going around on people’s phones, as scammers look to steal your bank details, provided you follow through. What should you be on the lookout for?

We’re used to seeing scams on the regular, some of them terribly unconvincing while others improve, but there’s a particularly nasty one popping up this week in Australia, and it comes disguised as something from the government.

Most Australians would be familiar with myGov, the service that brings together many of the government services you may rely on under one roof, and being tax time, it’s not altogether unusual to get an alert from myGov noting you have a message waiting for you.

Around this time, that’s likely to be your group certificate or something similar, but a new SMS scam popping up in Australia looks to make you click without thinking, as scammers suggest your account has been locked out.

We’re sure there are other SMS scams going on, and ATO refund scams are particularly common around this time of the year, but the one we’ve picked up on this week is particularly nasty, sending around a surprisingly convincing text message, and arriving at a very compelling phishing website.

Essentially, scammers are using convincingly realistic text to lure you into clicking the link, and once there, will send you to very convincing looking fake websites in an attempt to steal your banking logins, and then steal your money.

Your myGov login has very little to do with your choice of bank, but in this scam, cybercriminals are hoping you won’t care, and will follow the breadcrumbs to enter the login details for one of Australia’s more popular banks, giving them access, and relieving you of any money you had inside.

What’s going on, and how can you tell it’s a scam?

Detailing this myGov SMS scam

As with all scams, there are some key indicators that give it all away, but most are only there if you go looking for them. Specifically in this scam, it’s the link you’re being asked to press, and the sender, which is not a myGov sender ID but an actual phone number.

There’s no sender ID on this scam, with it coming through as an actual phone number, likely one that’s been spoofed. Meanwhile, real myGov text messages come through a myGov sender ID and without an obvious phone number.

The text on this scam is a little more convincing, reading as:

[myGov] There was a suspicious login attempt on your account. We had to lock your account. Please verify yourself via the LINK

We’re not republishing the link in this article because it’s clearly a scam, and doesn’t use the standard “my.gov.au” used by the Australian government. That’s the link you’re going to want to look for, not a random link that’s just as short. The right link is important, and one of the key factors scammers can’t replicate.

In this scam, the link itself is registered to someone clearly not from the government and more keen to keep their information private, something you can check yourself by running a WHOIS command on any website domain.

Rest assured, this isn’t the official myGov website, and these aren’t the details provided by the Australian government. This is a scammer registering a domain with a small number of characters hoping to pull a fast one on you. They were a little cheeky in registering their business name with a term related to hacking (1337), but basically this is just a scammer running a scam site.

And what a complex scam it is.

This tricky scam looks quite convincing, even if the URL above is clearly fake.

If you accidentally find yourself at the scam, you’ll see a fairly convincing recreation of a myGov login, complete with actual links to parts of myGov on the right side, while the left side will ask you to select your bank and log in there.

Regardless of which bank you select, you’ll be taken to a site inside this phishing site, the fake myGov website, with phishing clones of Westpac, Commonwealth, ANZ, NAB, St George, and Bank of Queensland showing up on screen, waiting for you to type in your bank login details (examples below).

Your bank has very little to do with your myGov

It’s worth noting that aside from where you may direct refunds to, your bank has very little to do with your myGov login, and so this is scammers preying on something you don’t know.

Follow this scam blindly, and you’ll unwittingly give access to your bank account to scammers, allowing them to go in and transfer your money. It’s possible that you’ll have something like two-factor authentication on your bank account preventing it from happening, but it’s also possible that you won’t, and if you’ve followed this scam, you might just jump through enough hoops to let them take your money out.

The point is this: if you see an SMS saying it’s from myGov advising that your account has been locked, check the sender ID at the top and look at the link. If neither says “myGov” in the right way, you might be looking down the barrel of a scam, and it’s in your best interest to not click.
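
The two checks above (sender ID and link domain) written as a small Python triage function. This is an added example, not code from the article; the phone number, the `.example` links and the function names are constructed placeholders.

```python
import re
from urllib.parse import urlsplit

OFFICIAL_DOMAIN = "my.gov.au"  # the domain the article says to look for
OFFICIAL_SENDER = "mygov"      # the sender ID the article says real texts carry

# Loose matcher for link-like tokens, with or without a scheme.
LINK_RE = re.compile(r"(?:https?://)?[^\s/]+\.[^\s/]+(?:/\S*)?", re.I)
PHONE_RE = re.compile(r"\+?\d[\d\s]{5,}")

def link_host(link):
    """Hostname a browser would actually connect to, lower-cased."""
    if "://" not in link:
        link = "http://" + link
    try:
        host = urlsplit(link).hostname or ""
    except ValueError:  # malformed token: treat as an unknown host
        return ""
    return host.rstrip(".").lower()

def is_official_host(host):
    """True only for my.gov.au itself or a subdomain of it."""
    return host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN)

def triage_sms(sender, body):
    """Return the reasons a message fails the sender-ID and link checks."""
    reasons = []
    sender = sender.strip()
    if PHONE_RE.fullmatch(sender):
        reasons.append("sender is a phone number, not the myGov sender ID")
    elif sender.lower() != OFFICIAL_SENDER:
        reasons.append("sender ID is not myGov")
    for link in LINK_RE.findall(body):
        host = link_host(link)
        if not is_official_host(host):
            reasons.append(f"link host {host or link!r} is not {OFFICIAL_DOMAIN}")
    return reasons

# Constructed samples: the wording is the text quoted in the article,
# the phone number and links are placeholders.
SCAM = ("+61400000000", "[myGov] There was a suspicious login attempt on your "
        "account. We had to lock your account. Please verify yourself via "
        "https://mygov-verify.example/au")
LOOKALIKES = ["my.gov.au.login.example", "https://my.gov.au@short.example/x",
              "mygov.au", "https://my.gov.au/"]

if __name__ == "__main__":
    print(triage_sms(*SCAM))
    print([(u, is_official_host(link_host(u))) for u in LOOKALIKES])
```

An empty list means only that a message passed these two checks; the lookalike samples show why the comparison has to be on the parsed hostname rather than on whether the text contains “my.gov.au”.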
