Cyber thieves target tax time

Cyber thieves target tax time
The ATO says 1000 tax refunds, totalling $9 million, have had to be cancelled.
More than 26,000 tax returns have been delayed this year because they were suspected to be the work of identity fraudsters.
The Tax Office has confirmed that only a small number of the suspect transactions turned out to be dodgy and only about 1000 refunds, totalling
$9 million, have had to be cancelled
But Fairfax Media is aware of one case where a woman submitted her tax return this year via E-Tax and MyGov only to find her refund had been siphoned off into a thief's bank account.
Advertisement
The ATO says it is sure its own systems have not been breached and that most frauds use the victim's personal information that had been illegally obtained elsewhere.
Cyber security experts say that it is quite possible for a criminal to pilfer a citizen's information from one government application, MyGov for example, and use it in a fraud against another department like the ATO.
The Tax Office says it does not store information on MyGov, with the popular site simply acting as a "portal" for access to a wide range of government websites.
An ATO spokeswoman said the agency used sophisticated analytics to monitor its systems, picking up any sign of suspicious activity.
"However, we do see cases where criminals get access to legitimate accounts, passwords and online services through identity theft," she said.
"Our analytics programs have so far this tax time held up more than 26,000 refunds that were suspected to involve identity crime.
"We review these refunds manually and cancel any refunds that are fraudulent."
But the victim that spoke to Fairfax is convinced she was ripped off after information was obtained from one of the government interfaces she used.
After having difficulty accessing her ATO account linked to MyGov she contacted the tax office who informed her her banking details held by the ATO had been changed.
Have you fallen victim to tax time thieves? Let us know ps@canberratimes.com.auHer refund had been paid to a completely different account at a different banking institution.
After six weeks, the woman received a reimbursement for a "fraudulently negotiated refund cheque" but has not had an explanation from the ATO as to how the fraud occurred.
None of her other banking information or accounts have been compromised, the fraud appears to purely be a theft of her tax refund.
But the Tax Office says its systems have not been hacked.
"There is no evidence that ATO systems have been compromised in any way," the spokeswoman said.
"If we think a person's identity has been compromised, we get in touch with them. Our client identity support centre provides support to taxpayers who have had their identities stolen, misused or otherwise compromised.
"Where the ATO uncovers fraudulent activity, we work with law enforcement and other agencies to take action."
But Mike Thompson, director of information security at Linus Security, said that the silo nature of the federal government opened up opportunities for online criminals.
"Some of the biggest weaknesses in these systems don't relate to the core infrastructure, they relate to the peripheral processes around it," Mr Thompson said.
"With identity theft, there is a multitude of ways that someone can pull the required information together to do that.
"It might be unfair to blame one department, but collectively there are weaknesses. "Part of the solution is to tackle this as a holistic fashion rather than in isolation and governments are very poor at tackling things in a holistic way, they can be very siloed."


CULLED FROM CANBERRATIMES 

No comments:

Post a Comment