Scammers at tax time – 10 ways to protect yourself

The end of financial year and tax time is a busy time for scammers. Common cons at this time of year include:

  • Phone calls or robocalls from people pretending to be from the ATO (Australian Tax Office) or myGov
  • Text messages requiring ‘more information’ so ‘the ATO can finalise your tax return’
  • Emails that seem to be from the ATO, asking you to click a link to view something regarding your superannuation

But scammers don’t just work at tax time – they’re in operation all year long. They’re also getting more clever and sophisticated every year. How can you protect yourself from financial and identity fraud when these phone calls, text messages and emails seem so authentic?

Here are ten steps you can take to safeguard your identity and your finances:

1. Keep personal information secure

Be very careful about sharing sensitive information online or over the phone. Sensitive information includes things like:

  • Your full name
  • Your address
  • Your date of birth
  • Credit card information

You should only ever share these things if you have absolute confidence the person requesting the information is legitimate. If you are ever unsure, trust your gut. It is better to have to ring someone back than it is to have sensitive personal information or financial information stolen.

2. Use strong passwords

We all know we shouldn’t use things like birthdates or easily guessable information in passwords. So what we all tend to do instead is have one strong password (that is a mix of letters, numbers and special characters)and use it for everything. The danger of this is that it exposes you to what is known as ‘credential stuffing’. This is where hackers use previously stolen login credentials from one website and then ‘stuff’ these credentials into other websites until they find matches.

The best way to have a unique and strong password for everything is to use a password manager like LastPass or 1Password.

3. Be vigilant against phishing

Phishing is where scammers attempt to trick individuals into revealing their sensitive information, such as usernames, passwords, credit card details, or other personal data. These fraudsters typically impersonate trusted entities like banks, government agencies, online services, or well-known companies to gain your trust and deceive you into providing confidential information.

To protect yourself against phishing, be vigilant about unsolicited emails, messages, or phone calls asking for personal information or directing you to click on links. Remember, financial institutions and legitimate organisations will never ask you to provide sensitive information via email or pop-up messages.

4. Regularly review your financial statements

A good habit to get into is logging in to your internet banking each day and reviewing the transactions that have gone through your accounts, particularly your credit card. If you’re unlucky enough to have had your credit card details stolen without your knowledge, you’ll immediately notice any unauthorised transactions or charges and be able to report them to your financial institution quickly. And put a stop on any further transactions of that nature being made.

5. Enable Multi-Factor Authentication (MFA)

It might annoy you that everything these days, from Facebook to online banking, wants you to add MFA to your login. But this one extra layer of security can make a huge difference to how well-protected you are from scammers. So whenever you are prompted to add MFA, take the opportunity and do it.

6. Secure your devices

Whenever you get a notification to update your computer, smartphone, and other devices with the latest security patches and antivirus software – do the update.

You should also regularly back up your phone and computer to prevent permanent loss of important data.

7. Protect your letterbox

If you receive sensitive financial information by mail, it’s a good idea to secure your mailbox to prevent mail theft. If you move, make sure to let all relevant financial institutions know about your change in address. This will ensure sensitive documents aren’t sent to your previous address.

8. Shred sensitive documents

Before disposing of financial documents or statements, it’s always a good idea to shred them (or tear them up into tiny pieces if you don’t have a shredder). This prevents ‘dumpster diving’ and the identity theft that can come from it.

9. Be very careful when using public Wi-Fi

It’s best practice to ensure you don’t log in to online banking or things like myGov when using public Wi-Fi. And it’s best not to purchase things online using your credit when on public Wi-Fi either. These networks are highly vulnerable to hackers. Accessing sensitive sites or using your credit cards on public networks makes it easy for your data to be intercepted.

10. Stay educated

The Australian government and financial institutions often release warnings about new scams and provide resources about protecting yourself. Pay close attention when these warnings are shared with you, and use them to stay informed about the newest things scammers are doing to steal identities and commit fraud.

Remember, prevention is key when it comes to financial fraud. These steps can significantly reduce your risk of falling victim to scams and protect your financial wellbeing.

Scroll to Top