How to Recognise and Avoid Phishing Emails & SMS
If your inbox has felt more suspicious than usual lately, you’re not imagining it. There’s been a sharp increase in phishing emails making the rounds, targeting individuals and businesses with scams that look increasingly professional. These emails often impersonate trusted organisations like the ATO, major courier services, and even your bank. They’re designed to trick you into clicking on fake links, downloading malicious attachments, or sharing personal or financial information.
At MKG Partners, we’ve seen a noticeable uptick in clients asking us to verify “ATO emails” or suspicious invoices. So here’s a practical guide to help you spot these scams and protect yourself.
Why Phishing Emails Are Spiking Now
Scammers time their attacks strategically:
- During tax season or BAS deadlines
- When refund notifications are expected
- Around public holidays or busy periods, when people are more distracted
Their aim? To catch you off guard when you’re likely to be expecting communication from official bodies.
How Today’s Phishing Emails Trick You
Phishing has evolved. These aren’t the obviously dodgy messages of 10 years ago. Today’s scams:
- Use realistic branding and logos
- Mimic official tone and formatting
- Include fake “myGov” or “ATO” links
- Come from email addresses that look almost right (e.g. @ato-gov.com)
- Use urgency to push quick action: “Final notice”, “Your refund is ready”, “Account locked”
Red Flags: How to Spot a Phishing Email or SMS
Be Mindful of Suspicious Email or SMS Subject Lines
Keep an eye out for subject lines like: ‘Immediate Action: You Owe Tax’, ‘Important: Tax Refund Awaits’, ‘Alert: Missing Tax Return’.
The ATO will not use sensational or alarming language to get you to act rashly. If you see such subject lines, it’s best to approach the email or SMS with scepticism.
Example of a phishing email impersonating the ATO. Source: Australian Taxation Office
Check the Sender
When you receive an email claiming to be from the Australian Taxation Office (ATO), the first line of defence is to verify the sender’s email address. Legitimate emails from the ATO will come from a verified domain that typically ends in ‘.gov.au’. Don’t just rely on the display name; take a moment to hover your cursor over it or click to reveal the full email address. This is essential because scammers often use addresses that might appear trustworthy at first glance but show irregularities upon closer examination.
Additionally, be especially wary of emails that state they are ‘sent on behalf of’ a legitimate ATO email address. Cybercriminals are getting craftier, employing this tactic to make an email appear as if it is from a trustworthy source.
Example of a questionable email impersonating the ATO. Source: Scam Watch
Our staff received another phishing email of this kind. While the name displayed suggests that it comes from our own domain, a closer examination of the email address reveals that it originates from ‘noreply@praxischool.com’, with which MKG has no association.
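The sender checks described in this section, written out as an added example (it is not part of the original article or any ATO tool). The flag names, the placeholder domain `example-firm.com.au` standing in for a firm's own domain, and the sample headers are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_SUFFIX = "gov.au"  # the article: genuine ATO mail comes from a .gov.au domain

def domain_of(header_value):
    """Lower-cased domain of the address in a From/Sender header ('' if none)."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower().rstrip(".")

def under_suffix(domain, suffix=TRUSTED_SUFFIX):
    """True only for the suffix itself or a real subdomain of it.
    A plain substring test would accept 'ato-gov.com' or 'ato.gov.au.example.com'."""
    return domain == suffix or domain.endswith("." + suffix)

def sender_flags(raw_message):
    """Return the list of sender red flags found in one raw email message."""
    msg = message_from_string(raw_message)
    display, _ = parseaddr(msg.get("From", ""))
    from_dom = domain_of(msg.get("From"))
    flags = []
    # 1. Display name claims to be the ATO, but the address is not under .gov.au.
    words = re.findall(r"[a-z]+", display.lower())
    if ("ato" in words or "taxation" in words) and not under_suffix(from_dom):
        flags.append("claims-ato-but-not-gov.au")
    # 2. Display name itself shows a domain that differs from the real one.
    shown = re.findall(r"[a-z0-9-]+(?:\.[a-z0-9-]+)+", display.lower())
    if any(d != from_dom for d in shown):
        flags.append("display-name-shows-other-domain")
    # 3. 'Sent on behalf of': a Sender header from a different domain than From.
    sender_dom = domain_of(msg.get("Sender"))
    if sender_dom and sender_dom != from_dom:
        flags.append("sender-differs-from-from")
    return flags

# Constructed sample headers (not real messages); example-firm.com.au is a placeholder.
LOOKALIKE = 'From: "Australian Taxation Office" <refunds@ato-gov.com>\n\nbody'
OWN_NAME = 'From: "accounts@example-firm.com.au" <noreply@praxischool.com>\n\nbody'
ON_BEHALF = ('From: ATO <noreply@ato.gov.au>\n'
             'Sender: mailer@bulk-mail.example\n\nbody')
CLEAN = 'From: "Australian Taxation Office" <noreply@ato.gov.au>\n\nbody'

if __name__ == "__main__":
    for name, raw in [("lookalike", LOOKALIKE), ("own-name", OWN_NAME),
                      ("on-behalf", ON_BEHALF), ("clean", CLEAN)]:
        print(name, sender_flags(raw))
```

A flag is a prompt to look closer, not a verdict: legitimate bulk-mail services also set a different Sender. An empty result does not prove the message is genuine either, because a From address at a real domain can be forged; the receiving mail server's SPF, DKIM and DMARC results cover that case.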
Watch Out for Tricky Links
A legitimate email from the Australian Taxation Office (ATO) will not include hyperlinks that direct you to log in to your online services. Cybercriminals often use these “link traps” as a way to capture your login information or to lead you to a fake website where you might unknowingly enter sensitive information.
Always be cautious when an email asks you to click on a link to log in, especially if you didn’t expect to receive an email from the ATO. Instead, access your account by typing the official ATO website URL directly into your web browser. This ensures that you’re logging into the genuine site and keeps your information safe.
Pay Attention to the Language
If you receive an email claiming to be from the Australian Taxation Office (ATO) that uses aggressive language, threatens legal action, or demands immediate payment, be cautious. Genuine communications from the ATO will not use scare tactics to get you to take quick action without thinking. These threatening messages are often a hallmark of phishing emails designed to make you act hastily and potentially compromise your personal or financial information.
What to Do if You Receive a Suspicious Email or SMS
- Avoid Clicks and Downloads: Don’t click on any links or download files from suspicious emails.
- Confirm with the ATO: If you’re not sure, call the ATO directly at 1800 008 540 to verify any claims made in the email.
- Report Suspicious Activity: Forward any dodgy emails to ReportEmailFraud@ato.gov.au.
- Do not respond to the sender.
- Delete the email or SMS immediately.
What to do if your information is breached
If you suspect that your personal or financial information has been compromised, the first step is to alert your bank or financial institution right away.
If you believe your Tax File Number (TFN) has been compromised, the immediate action is to contact the Australian Taxation Office (ATO) at 1800 467 033 to report the breach. They can guide you through the process of securing your TFN and can also provide advice on other steps you should take.
Additionally, it’s crucial to report the incident to the Australian Competition and Consumer Commission (ACCC) through their ‘Report a Scam’ page. This both alerts the public to existing scams and helps authorities take possible action. When reporting, make sure to include any evidence you have, such as emails or screenshots.
Phishing emails and SMS messages work because they look legitimate and create a sense of urgency. But a quick pause and a little scepticism can save you from serious trouble. At MKG Partners, we encourage all clients to check before you click. If you’re ever unsure about a message that claims to be from the ATO, myGov, or even us, reach out and we’ll help you verify it.