A “near-perfect” clone of the centralised government services website, myGov, is duping Australians into handing over their passwords and credit card details.
According to enterprise email security provider, MailGuard, the dupe begins with a phishing email ostensibly from the Federal Government’s my.Gov.au site, telling the recipient to visit the site to verify their identity.
Recipients who click on a link in the email are then taken to a replica of the real myGov site. According to MailGuard, the fake web page’s unusual URL is a giveaway of the illegitimacy of the site.
“Experts from the MailGuard email security team compared the source code of the fake site and discovered it’s cloned directly from the real government website,” MailGuard said in a blog.
Once victims have been directed to the fake site, they are prompted to put their credit card details. Once this is done, they are then redirected to the genuine myGov website, in a bid to cover up the deception.
While the phishing email was distributed on a relatively small scale, it poses a large risk, according to MailGuard, with more than 11 million Australians claiming a myGov account, and information from various agencies, such as the Australian Taxation Office (ATO) and Centrelink accessed via the portal.
MailGuard said that the email originates from servers based in the Czech Republic, while the sending address used, email@example.com, is not an official Australian government address.
The clone myGov phishing campaign comes just months after a large-scale malicious email impersonating the ATO was revealed in February, with thousands of messages distributed nationwide.
Distributed in bulk, the malicious email has the potential to infect computer systems with anything from keylogging spyware to file-encrypting ransomware CryptoLocker.