Don’t risk sharing your MyGov password

On 4 December 2019 a case of fraud and theft was heard in Mt Druitt Magistrates Court NSW against an unregistered tax agent. The case highlights the risk of identity crime and the importance of not sharing your private myGov password information.

Information obtained from the hearing of Benjamin Cox revealed that he had fraudulently posed as a tax agent and lodged over a thousand individual tax returns using each taxpayer’s personal myGov access. He charged clients for his services and also stole some refunds his clients were due,using his own bank details to take the payments.

Mr Cox advertised his services through Facebook and Gumtree, targeting vulnerable people in the community who were unfamiliar with the Australian tax system.

In court Mr Cox pleaded guilty to the following charges:

  1. Dishonestly obtained financial advantage etc by deception under the NSW Crimes Act 1900 paragraph 192E(1)(b).
  2. Dealt with identity information to commit etc indictable offence under the NSW Crimes Act 1900 section 192J.


As a result of his actions, Mr Cox received a two-and-a-half-year prison sentence to be served in the community by way of an Intensive Corrections Order. He was also ordered to pay over $13,000 in compensation to the ATO and his victims, and has had $22,000 worth of his assets seized.

Tips to identify unregistered preparers

People pretending to be tax agents often promise refunds that are too good to be true or provide discounted services much cheaper than legitimate registered tax agents.

Another tell-tale sign to look out for is that unregistered preparers often use a taxpayer’s personal login details to access their ATO Online account through myGov to lodge tax returns. A legitimate tax practitioner will never ask for your myGov credentials – they use dedicated ATO Online services to lodge returns for their clients.

Giving an unregistered agent your myGov password also puts your personal information at risk.

Make a complaint

If you know of someone providing tax agent services for a fee or other reward who is not registered, you can let the Tax Practitioners Board know at

Hackers target tax file numbers

Federal police are hunting a gang of identity thieves who have been hacking the tax file numbers of up to 500 Australians a day.

The sophisticated online fraudsters have breached payroll systems, harvesting extensive personal details of workers and using the information to lodge fraudulent tax returns.

The revelation is the latest evidence of a large-scale identity fraud problem against government sites and services such as like MyGov, Medicare and the ATO and Labor wants a national investigation. 

In one case this month, payroll software used by a Melbourne accounting firm was hacked and the personal and financial details of 1600 employees of its clients were obtained.

An alarming level of personal data was plundered including, names, address, dates of birth, tax file numbers, bank account details, gross earnings and superannuation funds and membership numbers.

The scammers then prepared and lodged tax returns in the names of some of the unwitting workers.

It is was also confirmed  to victims that MyGov accounts could have been accessed and changed, or new accounts created using the stolen data, potentially leading to all services linked to the federal government web portal, including Medicare, Centrelink and Child Support, being compromised as well.

Australian Federal Police cast net over Xero phishers

Scammers hit NSW, VIC money men, change account deposit details

The Australian Federal Police is investigating phishing attacks against accountants that some say has seen thousands lifted from bank accounts.

The scam targets users of the popular Xero accountancy software-as-a-service service, with what is said to be a would-be login portal that steals credentials.

Money is being shipped off to a bank account in Western Australia, sources familiar with the attacks say.

The Federal Police cybercrime operations wing says in a boilerplate response it is investigating the compromise and will liaise with XERO and victims.

Spokeswoman for the New Zealand company Alex Mercer said Friday a “very small number” of login details were stolen either through phishing or malware.

“We are working closely with the users concerned to help address each of their incidents,” Mercer says.

“As you can appreciate, we do not discuss details about a user’s issue outside of informing the authorities or another organisation that needs to be involved.”

Mercer says customers should take the usual good security defense measures including updating and running antivirus before resetting passwords.

Security types say they know of a handful of businesses in NSW and Victoria were affected. In those cases attackers had used the stolen login credentials to change bank account details such that subsequent deposits were funnelled into attackers’ hands.