In recent times, the Australian Taxation Office (ATO) has expressed growing concerns about cyber security and fraud in relation to its online services. As a business owner or individual dealing with the ATO, it is crucial to be aware of these concerns and take appropriate steps to protect your sensitive information. In this article, we will address the three main areas of concern for the ATO around cyber security and fraud:
1) impersonating the ATO;
2) loss of personal identifying information and identity documents; and
3) cyber security practices for businesses and tax professionals.
We will also provide a list of 10 essential steps suggested to help you safeguard your data.
Impersonating the ATO
Fraudsters may attempt to impersonate the ATO to deceive individuals and businesses into revealing sensitive information or making payments. Always verify the authenticity of any communication claiming to be from the ATO. Keep in mind that the ATO will never ask for your myGovID, demand immediate payment through unusual methods, or threaten you with arrest. More information around this can be found on the ATO website.
Loss of Personal Identifying Information and Identity Documents
The theft or loss of personal identifying information and identity documents can lead to identity theft and other forms of fraud. Protect your identity documents by storing them securely and not sharing them unnecessarily. Be cautious when providing your personal information online, and always verify the legitimacy of websites and emails before entering any sensitive data.
Cyber Security Practices for Businesses
To ensure the security of your online interactions with the ATO and other digital services, follow these best practices:
- Don’t share your myGovID.
- Use a personal email address when setting up your MyGovID.
- Protect your personal email account with strong, unique passwords and two-factor authentication.
- Keep your smart devices secure by installing updates and using reputable security software.
- Turn on notifications for MyGovID in your app settings. This will ensure you receive verification notifications when accessing your online services.
- Check your MyGovID setup regularly for any suspicious activity.
- Protect your identity documents by storing them securely and not sharing them unnecessarily.
- Increase the security of your MyGovID by verifying additional identity documents.
- Report suspected inappropriate access to your accounts or personal information to the relevant authorities.
- Stay on top of your cyber hygiene by regularly updating software, using strong passwords, and being cautious with the information you share online. Watch a previous boardroom briefing recorded session on Cyber Security here to help with this.
The ATO estimates that they are currently receiving around 3 million cyber attacks a month (Source: news.com.au, October 2022). The potential threat of cyber security and fraud is a very real one that all of us need to take seriously. As a business owner or individual dealing with the ATO we recommend that you regularly assess your current cyber security risks and take steps to ensure that you are protecting yourself and your business against fraud at all times. It is vital you protect your sensitive information and maintain the integrity of your online transactions. By staying vigilant and following best practices, you can significantly reduce the risk of falling victim to cyber threats and keep your data safe.