ECONOMY & WORK
MONEY 101
NEWS
PERSONAL FINANCE
NET WORTH
About Us Contact Us Privacy Policy Terms of Use DMCA Opt-out of personalized ads
© Copyright 2023 Market Realist. Market Realist is a registered trademark. All Rights Reserved. People may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.
MARKETREALIST.COM / NEWS

'Scam-In-A-Box': Billions Stolen As Cybercriminals Target MyGov Accounts in Australia Using Kits Bought From Dark Web

The technology is reportedly used to create a fake website and provide the know-how for scammers to launch a cyberattack.
PUBLISHED NOV 8, 2023
The Australian Flag seen at Carrara Stadium | Getty Images | Photo by Michael Dodge
The Australian Flag seen at Carrara Stadium | Getty Images | Photo by Michael Dodge

The federal government of Australia recently warned the public of a scam targeting Centrelink, Medicare, and Australian Tax Office accounts. The government services minister, Bill Shorten, said that scammers were targeting people using the "scam-in-a-box" kits bought from the dark web. The technology is reportedly used to create a fake website and provide the know-how for scammers to launch a cyberattack. Every month, thousands of MyGov accounts are being suspended by the government out of concern that they have been breached via “scam-in-a-box” kits, The Guardian reported.



 

“Scam-in-a-box” kits are being bought by criminals on the dark web which are used to create fake websites and provide the specialist knowledge to launch phishing attacks on Centrelink, Australian Tax Office, and Medicare accounts.

A Medicare and Centrelink office sign is seen at Bondi Junction | Getty Images | Photo by Matt King
A Medicare and Centrelink office sign is seen at Bondi Junction | Getty Images | Photo by Matt King

Some kits are even equipped with security controls and allow criminals to run multiple scams at the same time and then quickly shut the operation before detection. Scammers create similar-looking or identical websites of the government portals using these kits. They then extract login information including passwords and IDs.

Photo illustration of a spam 'Phishing' email | Getty Images | Photo by Peter Dazeley
Getty Images | Photo by Peter Dazeley

“These fake sites and criminal gimmicks like ‘scams in a box’ trick our citizens into giving criminals their user ID and passwords,” Shorten was quoted as saying in The Guardian report.

One ad on the dark web apparently tells buyers that most Australians have a MyGov and all they have to do is ask for login details from the victims and make sure their Australian Tax Office is linked to their account.

In 2019, Guardian Australia reported that criminals on the dark web were offering Medicare details for $21 ($33), and up to $340 for fake Medicare cards and other fake forms of identification.

Scammers send a text to victims claiming to be sent by the government agency myGov and tell the recipient that they are eligible to apply for an “economic support payment” or a “Tax Refund”. It then instructs the victims to provide their personal banking details before the support expires and share a link for a form. This form then takes the victims to a fake website that extracts sensitive login or crucial ID information from them.

The Australian Competition and Consumer Commission’s Scamwatch shared a copy of the text message that is being shared in the scam. The most preferred contact method for scammers was a text message, followed by a phone call or an email.



 

Scamwatch warned the users of myGov that the official website will never ask them to click on links to sign in to their accounts and enter their bank details or submit any ID docs. It advises users to use the secure myGov app to check their accounts.

These scams are particularly attractive to cybercriminals as it is estimated that most Australians use one password for several accounts. Thus, the attacks require minimum effort for a valuable reward. “Statistics show that people reuse passwords at least 50% of the time, making it possible for scammers and hackers to use the stolen password to access other online services,” Shorten said, in the Guardian report.

According to Shorten, Australians had already lost $3.1 billion to scams this year. As per Yahoo Finance, this is an 80 percent increase on the previous year. Further, investment scams were the highest-loss category reporting a loss of $1.5 billion. They are followed by remote-access scams ($229 million) and payment-redirection scams ($224 million).

Bill Shorten has assured that Services Australia is working around the clock to counter scammers and hacker attacks. However, the scam-in-a-box frauds are expected to continue targeting MyGov until the government completes the overhauls of its ID verification, which is reported to be in the final stages of completion.

Shadow Minister For Government Services Bill Shorten during a press conference | Getty Images | Photo by Sam Mooy
Shadow Minister For Government Services Bill Shorten during a press conference | Getty Images | Photo by Sam Mooy

“I am also working closely with my ministerial colleague, Senator Katy Gallagher, to establish a digital ID that will be a key line of defense against cybercrime when established,” Shorten said in the report. Last year, the government said it was considering to centralize the digital identity authentication for myGov or its myGovID system in the wake of the Optus breach.

MORE ON MARKET REALIST
She has starred in classic films such as "Sixteen Candles", "The Lost Boys", and "Twister".
11 hours ago
What is Judy Sheindlin’s salary per episode? Here’s what we know about the TV judge and her new IMDb TV show, ‘Judy Justice.’
1 day ago
Sajak was criticized by fans on the internet but the contestant clarified that it was just for fun.
1 day ago
Danielle Perez had gone viral after talking about the awkward moment on "The Price is Right" on social media.
1 day ago
The singer also got Malone's number but is only focusing on sharing his work with him for now.
1 day ago
The incident did not bring down the woman's excitement as she kept jumping on stage.
1 day ago
The guest had no idea whose face was engraved on the top of the box and how much it cost.
2 days ago
The young entrepreneur saw a common problem kids his age faced and came up with an invention.
2 days ago
It was a gift from the father of his first client to whom he had sold a condo.
3 days ago
The singer wanted to celebrate his journey by sending fans to the place linked to his early days.
3 days ago
Wait till you hear the list of weird prizes that 'Price is Right' gave in the '50s.
3 days ago
The bottled water from the popular retailer has nanoplastic particles more than the firm's limits.
3 days ago
Most of the sharks had concerns about water pressure even though the product impressed them.
4 days ago
The host wanted to be sure about the signature that added a lot of value to the doll and the cards.
4 days ago
The incident took place on a busy Friday night and the staff failed to keep track of the group.
4 days ago
Some users also told her to just sell the car back and take cash for it instead of just paying taxes.
5 days ago
The man was initially convinced that there was a gold nugget inside the rock but he just couldn't crack it.
5 days ago
The question may not have been suggestive but fans read between the lines and interpreted it their way.
5 days ago
Sajak acknowledged that his farewell was robbing the players of time and winning opportunities.
5 days ago
The user finally decided to spend what he found on a camera and still had $500 left.
6 days ago