Australians are being warned about a major new scam after more than 270,000 fake Centrelink and Services Australia emails were detected in the past four months.

The phishing campaign is one of the largest seen in years, with cybercriminals using artificial intelligence to create messages that look almost identical to genuine government emails.

Mimecast, a cyber-risk company, has been tracking the surge and says the scale is one of the largest it has seen in recent years. Many of the fake emails refer to Medicare, superannuation, JobSeeker payments or Family Tax Benefits, making them particularly difficult to identify.

“It’s not targeted at any specific organisation, which we do see sometimes. It’s really quite a broad attack and honestly an attack on fairly vulnerable people when you think about the services involved here, which is kind of sickening,” Mimecast senior director Garrett O’Hara told Yahoo Finance.

He added that AI was likely helping scammers write convincing messages with perfect grammar and formatting, making them much harder to spot.

“You remember the advice to look for grammar that’s wonky or syntax, that’s all gone … [We’re] seeing a perfectly written email, really in any language, with good syntax and perfect grammar and exactly the same layout as the real deal – that’s trivial to do with AI.”

In some cases, scammers are even compromising real email accounts and building fake government login pages, making the messages look legitimate until it’s too late.

If someone clicks a link and enters their details, attackers can then access personal or business accounts, leading to data theft, malware or even ransomware.

“A lot of people, unfortunately, they still use the same email address and passwords for lots of different services,” O’Hara said.

“If you’re doing that and you’re getting compromised as part of this attack, there’s a thing called credential stuffing where they take the credentials they’ve stolen in a previous attack and then they just try different platforms.”

Services Australia confirmed it is aware of the scam, but says it has not noticed a significant increase in cases.

General manager Hank Jongen reminded Australians that the agency will never send a link, attachment or QR code by email or text message.

“The most important advice is not to click on links in email scams claiming to be from Services Australia or myGov. We won’t send links in text messages or emails asking you to sign into your myGov account or Centrelink online account,” he said.

Australians are urged to make sure any government website ends in .gov.au, and to always type my.gov.au directly into a web browser or use the official myGov app.

Anyone who thinks they may have clicked a suspicious link or given out personal information should call the Services Australia Scams and Identity Theft Helpdesk on 1800 941 126.

O’Hara said scammers often try to provoke an emotional reaction by claiming an account has been compromised or a payment will be stopped.

He advised people to pause, take a breath, and avoid clicking any link in an email. Instead, he said, they should open a browser and go to myGov directly or call Centrelink to check.

“I’d much rather take an extra two minutes to do something than have the potentially huge impact of credential theft or credential harvesting,” he said.
