Chat with us, powered by LiveChat
Category:

Identity Theft – Keep Your Personal Information Safe

March 25, 2020 in Security

Identity theft is a real threat, and in this day and age, you can never be too careful with your personal details.

Experts confirm that identity theft is indeed on the rise as fraudsters finding new ways to access and use information illegally.
Rachael Falk, CEO of the Cyber Security Cooperative Research Centre, it is as simple as your name, date of birth and postal address can be exploited by complete strangers.

Store owner Denish Alfred says he was a victim of identity theft after his shop was robbed and a USB digital storage device containing personal information taken. Mr Alfred said that information included his bank details, house details, citizenship certificate and drivers’ licence. Weeks later Ms Alfred received a fine for a toll road in Sydney for a car that was somehow registered in his name. A $14,000 charge then appeared on his credit card, followed by the removal of tens of thousands of dollars from the balance.

“And then I check my bank loan, home loan, they are withdrawing money from the home loan, putting in my credit card, taking from the credit card,” Mr Alfred said. All up, the thieves managed to steal $80,000. Ms Falk said in most cases you can protect against incidents like this by keeping a lock on your letterbox and by refusing to giving your personal details away to callers, even if they claim to be from your bank or the government.

Experts have also warned to be wary of some text messages. “Never respond directly to a text message or email that you might receive that says there’s a security problem. Consumers are also advised to refrain from sharing sensitive personal information when joining mailing lists and loyalty clubs.

“You don’t know how secure their systems that are holding that data,” Ms Falk said. “You don’t have to give your date of birth. You can always put in a different date.”

Experts suggest avoiding entering such details into forms that aren’t secure. When in doubt, contact the service provider and provide your information over the phone instead. Experts also warn to be wary of free apps that can access your personal details, and to always check their reviews and regularly update your device. “If you’re worried that you’ve overshared with an app, there is something you can do,” Ms Falk said. “Delete the app.”

Business also beware of identity theft as your details can also be used against you or to be used to gain access to sensitive information.

If you are requiring information on protection from these types of attacks. We can review your current situation and offer solutions and training for you and your staff.

For more information please email info@m1it.com.au or contact us today.

 

ATO cracking down on ATO MyGov abuse

March 25, 2020 in Uncategorized

The Australian Tax Office will be closely monitoring the 2018-2019 tax returns lodged through the ATO MyGov online service after some tax agents were found to be abusing the system by faking the self-prepared returned for clients.

Among the many taxpayers racing to claim a larger refund this tax time, the ATO has warned that it had detected instances where tax agents were inappropriately using the MyGov portal to manage the tax affairs or individual customers.

Tax agents are only permitted to use the dedicated services as the ATO’s tax agent online services for agents to manage the affairs of their clients.

The difference is important as there is a strong professional onus on tax agents not to submit dodgy claims for deductions. Lodging through the agent’s online portal also allows the ATO to see tax agents claiming behaviour and help guide industry behaviour.

“We have identified some registered tax agents using taxpayer’s personal login details to access their ATO Online account through the ATO myGov portal to lodge tax returns on behalf of clients,” the ATO said.

“MyTax is not an approved lodgement channel for registered agents and is a breach of the ATO Online terms and conditions.”

One of the reason for this is claims rorting, where the agent uses the MyGov portal to hide the fact that they have lodged the return.

The ATO said it will be closely monitoring the situation and using the full weight of its data matching and collection tool to identify and suspicious behaviour with lodgements.

The ATO has warned that agents who do not use the correct tax agent platform to manage their clients tax affairs are at risk of referrals to the Tax Practitioners Board.

Contact us today to discuss issues related to the MyGov portal or any other security concerns that you may have.

Cyber Attacks highly likely in VIC Government Services

June 3, 2019 in Security

Cyber Attacks are on the rise in the Victoria Health System. In worrying news for Victorians, recent investigations by Victoria’s auditor-general revealed weaknesses in physical security as well as password management and user access controls across a number of the state’s health services.

The report which was released today states that; “Staff awareness of data security is low, which increases the likelihood of success of social engineering techniques such as phishing or tailgating into corporate areas where ICT infrastructure and servers may be located,” 

Penetration testing of all 4 of Victoria’s health services, (Barwon Health (BH), the Royal Children’s Hospital (RCH), and the Royal Victorian Eye and Ear Hospital (RVEEH) revealed these weaknesses to potential cyber attacks.

The report went on to say “The audited health services are not proactive enough, and do not take a whole-hospital approach to security that recognises that protecting patient data is not just a task for their IT staff,”

Whilst MFA swipe cards were already in place within one of the health services included in the audit, another indicated that the task of implementing MFA in the form of either swipe cards or access tokens for staff would be too difficult a task and that it had the potential to endanger patients in the event of a clinician being without access to the facility without their swipe or access device.

Fault does not always fall to better passwords and MFA implementation. In three agencies, the audit found devices that hadn’t been patched or didn’t have antivirus protection, and had unsecured network ports. Examples of a major malware exploit WannaCry successfully exploited systems that hadn’t applied available patches or were running versions of Windows that were no longer supported by Microsoft.

These vulnerabilities can be easily overcome by planning and effective training of staff designed to avoid these cyber attacks from being executed.

Are you and your team still using old versions of Windows? Interested in Cyber Security training? After an audit on where you can improve your businesses Cyber Security protection? Contact us at support@m1it.com.au or on 1300 331 041 today.