Scams, spams and confidential data.
With the evolution of artificial intelligence, spammers and scammers are on the rise and they're getting good at it. This tax season we’ve seen a rise in junk mimicking the ATO, MyGov & Meta. We chatted to Adrian Smith of Run Gopher about what to look for and how to protect yourself online.
It’s not something to be scared of, but you do need to be aware.
Being safe online isn’t something that’s just for kids, and it isn’t something we need to be afraid of, we just need to be educated. As we’re ramping up for tax time, there is an increasing risk of ATO impersonation scams. For example, the scams might involve ATO-branded SMS or emails with links to a fake myGov page, and they aim to trick people into thinking they need to act quickly in order to rectify a mistake (or problem) and avoid a costly penalty. It can look scary.
Adrian says, “unfortunately as technology advances, scams become more believable. They are getting very clever, but all scams (currently) rely on the end user to click a link, handover details or simply stay on the phone. If you are unsure, hang up, delete the message or ignore it.”
Have up to date and secure passwords
Having a secure password is really going to help. There are random password generating apps that can be used for this, and a password manager can securely store these for you. With a million passwords and their wild requirements for letters, numbers and special characters etc, it can be SO overwhelming trying to remember it all. We use a password manager to help us with that - they often have password generating options built in as well - a quick google search can show you a bunch of options.
Less stress is a yes from us.
Use an authentication app.
Multi factor authentication is becoming commonplace and in business, it should probably be the norm. What is it? Great question, I’m glad you asked. This process of authentication is a login process, with multiple steps, that requires the user to enter more information than a simple traditional password - maybe there’s a security question, or a randomly generated code required at log in. The point is, there’s more steps, making it a lot harder to get through.
The Google Authenticator app integrates with most platforms (maybe all? I haven’t checked) and is really quite straightforward, with randomly generated codes. We like it.
Don’t click the links in an email to update any of your details.
If you receive an email or text saying you need to update a password on any platform, bank or with a government organisation, we’d recommend you exit the email/text and do it through a trusted application. It also never hurts to put in a phone call to a trusted number.
If a bank calls out of the blue for a chat, and it seems real, it is ok to ask the person on the other end of the line if you can call them back using the main phone number listed online. You can ask them which department they’re from and how to find them after you’ve gone through the main switchboard.
Important to note: The ATO and myGov will never send you an SMS or email with a link to access online services. These should be accessed directly by typing ato.gov.au or my.gov.au into your browser.
SenderID vs Phone Number.
There are two types of SMS you can receive. One being sent and appearing as a regular mobile number eg: 0412 345 678. The second type of SMS you will receive will present as a word eg: RUNGOPHER.
The first type (the number) you can send and receive messages from, but the second (SenderID) you will not be able to reply to, if you try, it will fail.
Up until 2023 you could use any SenderID, but now communications providers are required to register the SenderID with the communications commission who are trying to reduce the amount of scams through SMS and mobile phones.
“Organisations such as the ATO, MyGov and other government or financial institutions now have multiple ways to identify itself and authenticate that it is in fact not a scam. In app notifications, branded links instead of shortened bitly (or equivalent) links etc are just a few ways that organisations are combating scams. But again, if in doubt, call the registered number on their website, don’t click the link in the sms or email and definitely do not send any personal information to an unknown source.” Adrian said.
Cyber security needs to be taken seriously.
Working in a largely online serviced based, we understand how critical it is to ensure our data, and that of our clients, is secure. It is only reasonable to expect your accountant keeps your financial statements & company information, highly confidential. There is a myriad of choice out there, and plenty to choose from, and to be frank, taking cyber security seriously is essential for taking your business seriously.
We’re passionately working with ambitious business owners who care about the success of their business.
