![]() However, victims of this fraud have questioned the agency's unwillingness to alert them to what signs to look for. The ATO said it encouraged taxpayers to practise good "cyber hygiene" and "proactively log in and look for anything … suspicious, the same way they would monitor their bank accounts." "There will be so many people out there that this is happening to, and they will have no idea." 'They don't know what to look for' "It's just wrong, and if we can make someone stand up and recognise it to make a change for the better, I'm all for that," he said. Mr Hirschhorn said the ATO was not "complacent" about security, but Lindsay isn't comforted by the agency's response. When he challenged the tax office about it, he said "the ATO person told me the 48 hours doesn't account for weekends". However Lindsay said the third hack occurred when the account was supposed to be locked. He can only access it by phoning the ATO and arranging for a temporary two-day unlock. Mr Hirschhorn said the ATO has "recently become more focused on overlinking" and is ramping up its capacity to combat this and similar frauds.Īs with Sue, Lindsay's account has now been locked. This is because payments are paid out by the Commonwealth, not individual taxpayers, and the false tax amendments are often lodged either in early July before taxpayers submit their annual returns, or in the quiet period of the financial year. Taxpayers discovered many of the false refund claims and fraudulent payments by chance. "We are managing an acceptable level of risk," Mr Hirschhorn said. Mr Hirschhorn defended the ATO's settings, saying they were a "balance between the systems being easy to access for the majority of taxpayers, while being hard to access for those with criminal intent". The ATO's identity requirements for myGov linking are significantly lower than other government agencies such as Medicare. "Overlinking" is the ATO's term for new myGov links to pre-existing tax accounts. The latest figures are only up to February 2023, so the total fraud is likely higher than $557 million.ĪTO second commissioner Jeremy Hirschhorn told the ABC "there is a difficulty in identifying this particular type of fraud, as overlinking and prior adjustments are both frequently legitimate". Some claims were cancelled before they were paid, however the ABC knows of numerous taxpayers who have discovered claims that were paid out to fraudsters, including through bank accounts that were immediately emptied by the criminal and closed down, thwarting the bank's ability to freeze the funds. This figure ballooned last financial year to $320 million, involving 8,100 taxpayer accounts. The fraud was perpetrated across the files of more than 7,500 taxpayers. In the financial year 2021-22, more than $237 million was claimed by the fraudsters via false Business Activity Statement (BAS) and tax refund claims. The tax office has now revealed through a Freedom of Information request that more than $557 million was fraudulently claimed in less than two years by fraudsters cheating the identity checks set by the tax office, and hacking into genuine taxpayers' ATO accounts. Once they've established the link they can replace your bank details and then submit refund claims while pretending to be you.Fraudsters create bogus myGov accounts and use any two of the above (likely stolen) to switch your ATO account to theirs.ATO accounts are linked to your myGov account through two of the following: A previous ATO assessment, a bank account, a PAYG summary, a Centrelink payment, or a superannuation account. ![]() The report exposed how credentials stolen from high-profile hacks like Medibank and Optus have been used by criminals to circumvent security checkpoints used by the ATO, and how the agency was failing to identify some fraudulent activity on accounts it managed. MyGov is the central hub used to access an array of Commonwealth services including the ATO, Medicare, and Services Australia. In December, ABC Investigations revealed how criminals were gaining unauthorised entry to the ATO's data by creating false myGov accounts and linking them to the tax files of genuine taxpayers. The Australian Tax Office (ATO) has admitted to the ABC that more than half a billion dollars has been claimed over the past two years by fraudsters exploiting a glaring security gap in the agency's identity checking system. ![]() You might think the system is secure - after all, the government is expected to safeguard your information - but it's not. Millions of Australians will be logging into their myGov account to lodge their tax returns. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |