Daily Bulletin


  • Written by Roberto Musotto, Cyber Security Cooperative Research Centre Postdoctoral Fellow, Edith Cowan University

Alongside growing concerns over a possible resurgence of the coronavirus during winter, the pandemic is now creating even more victims as cybercriminals aim to capitalise on the economic upheaval.

According to news reports, people have had money stolen from their super funds by fraudsters exploiting the COVID-19 early access scheme.

The attackers reportedly used victims’ stolen identity credentials to create fake myGov accounts and lodge applications for the early release of up to A$10,000 from superannuation accounts.

If you’re worried about accessing the scheme, there are a few ways you can strengthen your protection against fraudsters looking for quick financial gain at your expense.

Read more: Don't be phish food! Tips to avoid sharing your personal information online

Always looking for weak points

COVID-19 has threatened the national economy and left more than 700,000 people without work. In April, the federal government responded by allowing access to A$10,000 worth of super funds for eligible applicants in this financial year, and a further A$10,000 after June 30, to help sustain people during this difficult time.

Unsurprisingly, cybercriminals have sought to take advantage of flaws in the scheme.

In May, the Australian Taxation Office reportedly found at least 100 cases of applications lodged using stolen personal information.

It’s not known how attackers managed to access the personal information required for such fraud. It may have been stolen earlier this month from the hacked customer files of a tax agent, as confirmed by federal home affairs minister Peter Dutton.

Or this may have been a less sophisticated scheme. All it takes to steal identity details is a fake email or web page that looks trustworthy enough to dupe you into sharing your information.

Cybercriminals often try a broad approach, sending the same malicious email to hundreds of thousands of people in the hope someone will fall into the trap. And someone usually does.

What can you do to stay safe?

Now is a good time to check your super fund statement to make sure there hasn’t been any unauthorised withdrawal. Even better, you should regularly check all financial statements, including bills. If you see a transaction you don’t remember making, block your bank cards and inform your bank immediately.

Although there are algorithms that help detect credit card fraud, you are the only person who can recall whether you made a specific purchase. With online shopping booming during lockdown, the pool of potential victims has increased.

It’s also common for fraudsters to “test” whether a credit card works by deducting a very small amount (as little as 10 cents) with a generic description such as “service fee” or “top-up charge”.

This may seem insignificant, but for cybercriminals it’s the “perfect crime” as its simplicity and perceived lack of damage means it often escapes detection. Also, the operational costs of committing such a crime are very low, which means more people can be targeted.

Is your super money safe? Here's how you can dodge cyber fraud In some ways, making very minor deductions from victims’ accounts is a ‘perfect crime’ for cybercriminals. These charges tend to go unnoticed, but add up in the end. Shutterstock

Verify information and report

One foolproof way to keep your personal information safe from hackers is to double-check the websites you use – whether it’s for online shopping, checking emails or chatting with friends online. Make sure there are no obvious spelling mistakes in the URL, or otherwise.

If in doubt, try to verify the site’s legitimacy through a quick Google search. Often some online cross-checking, or a phone call to an organisation’s official phone number, is enough to reveal a scammer. And if you can’t confirm authenticity, ask yourself: is sharing my details worth the risk?

If anything doesn’t seem right, always report it to the relevant authorities so others don’t fall victim. In Australia and New Zealand, you can report identity theft on IDCARE and any type of cybercrime on the government’s ReportCyber website.

And if do become victim to fraud, alert your superannuation provider and bank as soon as possible. Cybercrime victims should always be empowered to report fraud, as this is the first step to potentially getting your money back.

Read more: 'Click for urgent coronavirus update': how working from home may be exposing us to cybercrime

Are more checks needed?

Some ways to potentially make the early release of super funds more secure include allowing only one verified account per person which should be confirmed, potentially via a physical interview, before any account activity is carried out. Requiring double-factor authentication throughout the process of submitting an application would also be helpful.

The successful exploitation of the scheme indicates the government may have rushed trying to process and complete applications. One member of the public said it took 12 hours to have their application approved.

This sudden administrative efficiency raises reasonable doubt about the level of security checks in place. And if fraudsters have managed to bypass security protocols, it’s very likely more checks will be needed.

Authors: Roberto Musotto, Cyber Security Cooperative Research Centre Postdoctoral Fellow, Edith Cowan University

Read more https://theconversation.com/is-your-super-money-safe-heres-how-you-can-dodge-cyber-fraud-139758

Writers Wanted

My favourite detective: Sam Spade, as hard as nails and the smartest guy in the room


Worried about COVID risk on a flight? Here's what you can do to protect yourself — and how airlines can step up


Fixing Your Bad Credit


The Conversation


Prime Minister Interview with Kieran Gilbert, Sky News

KIERAN GILBERT: Kieran Gilbert here with you and the Prime Minister joins me. Prime Minister, thanks so much for your time.  PRIME MINISTER: G'day Kieran.  GILBERT: An assumption a vaccine is ...

Daily Bulletin - avatar Daily Bulletin

Did BLM Really Change the US Police Work?

The Black Lives Matter (BLM) movement has proven that the power of the state rests in the hands of the people it governs. Following the death of 46-year-old black American George Floyd in a case of ...

a Guest Writer - avatar a Guest Writer

Scott Morrison: the right man at the right time

Australia is not at war with another nation or ideology in August 2020 but the nation is in conflict. There are serious threats from China and there are many challenges flowing from the pandemic tha...

Greg Rogers - avatar Greg Rogers

Business News

Cybersecurity data means nothing to business leaders without context

Top business leaders are starting to realise the widespread impact a cyberattack can have on a business. Unfortunately, according to a study by Forrester Consulting commissioned by Tenable, some...

Scott McKinnel, ANZ Country Manager, Tenable - avatar Scott McKinnel, ANZ Country Manager, Tenable

InteliCare triple winner at prestigious national technology awards

InteliCare triple winner at prestigious national technology awards Intelicare wins each nominated category and takes out overall category at national technology 2020 iAwards. Company wins overal...

Media Release - avatar Media Release

Arriba Group Founder, Marcella Romero, wins CEO Magazine’s Managing Director of the Year

Founder and Managing Director of the Arriba Group, Marcella Romero, has won Managing Director of the Year at last night’s The CEO Magazine’s Executive of the Year Awards. The CEO Magazine's Ex...

Lanham Media - avatar Lanham Media

News Co Media Group

Content & Technology Connecting Global Audiences

More Information - Less Opinion