Unfortunately tax time proves to be rich pickings for scammers. Some of the latest scams are clever in their communication delivery and impersonation techniques, and some scams are practically invisible in the form of malware on your phone.

We urge you to be alert to some of the latest scams and ways you can protect against them.

Tax debt

  • There has been an increase in scammers using third party software, such as WhatsApp to impersonate the ATO. The ATO does not have a WhatsApp profile and will never engage with you on this platform. Cyber Criminals have recently used WhatsApp to access sensitive information on your phone. You should update your phone to ensure the latest security updates are installed. 

  • “There is a warrant out for your arrest”. Have you received a phone call or voice message like this? The calls used to come from unknown international numbers. They’ve since sophisticated the caller ID to imitate ATO phone numbers. While the numbers might look genuine, the ATO will never threaten you with arrest, demand immediate payment especially via an unusual payment method such as bitcoin or gift cards, or refuse to allow you to speak with your tax agent. If you receive a call like this, we recommend that you ask the caller for their ATO Identification Number and a return phone number to call them back at another time. If the caller is ingenuine, they will not be able to provide you with these details.

Tax refund

  • Scammers have recently been texting people, asking them to click on a link and provide them with sensitive information in order to receive a tax refund. The ATO will not communicate with you in this way. Any communication regarding taxes from the ATO will come from your MyGov account. Always check with your tax agent before you click on anything.

Malware – “Agent Smith”:

  • Android users are encouraged to beware of recent malware doing the rounds called “Agent Smith”. It has already infected more than 25 million phones. It is disguised as a google-related app and can show fraudulent ads for financial gain or more intrusive purposes such as banking credential theft and eavesdropping. If you suspect you’ve been infected by any malware, here is how to remove them:

For Android:

  1. Go to Settings Menu

  2. Click on Apps or Application Manager

  3. Scroll to the suspected app and uninstall it

  4. If it can’t be found then remove all recently installed apps

For iPhone:

  1. Go to Settings Menu

  2. Scroll to ‘Safari’

  3. On the list of options, ensure that ‘block pop-ups’ is elected

  4. Then go to ‘Advanced’ -> ‘Website Data’. 

  5. For any unrecognised sites listed, delete this site