ATO puts out urgent alert warning of cryptocurrency scam

Authorities have put out an alert for crypto users, warning of a current text message scam doing the rounds.

Authorities have put out an urgent alert for Australians with money invested in cryptocurrency, warning of a text message scam doing the rounds.

The bogus texts claiming to be from the Australian Tax Office (ATO) attempt to pin the receiver for cryptocurrency tax evasion and encourage mobile phone users to provide information about their online wallets.

“Scammers pretending to be from the ATO are telling people they are suspected of being involved in cryptocurrency tax evasion. They are then asking them to ‘connect their wallet’ and provide detailed information via a link,” the ATO wrote on Friday.

“If you receive an SMS or email like this, don’t click on the link. It will take you to a fake myGov log on page, designed to steal your personal information.”

The image below is one example of the format this scam can take.

“Scammers are phoning and emailing people, pretending to be financial advisers or super experts. They are encouraging people to invest their super in a supposedly high performing self-managed super fund (SMSF),” the ATO statement continued.

“These scammers will start by asking you for some information and may ask you to do a super comparison online. They are likely to be persistent and may contact you multiple times.

“Sometimes, they will fraudulently use the name and Australian Financial Service Licence (AFSL) of a real business and set up a fake website to appear legitimate.

“They will tell you there is no need for you to engage directly with the ATO, ASIC or any other tax or super professional.”

The warning came shortly after the ACCC put out another alert for mobile phone users, warning Aussies the annoying text messages telling them they’ve been tagged in videos online are continuing to come in thick and fast.

The ‘Flubot’ scam first arrived in Australia in August 2021, characterised by a text from an Australian phone number that enticed users to click on a link that would then infect their device with malware.

Bitdefender Labs wrote that “while investigating Flubot, researchers also discovered a Teabot variant being installed on devices without a malicious SMS being sent”. They linked the scam to a “Code Reader – Scanner App” that’s been “distributing 17 different Teabot variants for a little over a month”.

In a Tuesday release, Scamwatch reported there are a large number of different types of Flubot text messages and scammers are “updating them all the time”.

In some cases, if someone’s phone is infected with malware, their number is then used to send out more of the dodgy texts, much like a regular virus. The multiplying sources of text messages makes it extremely hard for experts to pinpoint the originator.

“Installing the software is likely to give scammers access to your passwords and accounts. They may be able to use this information to steal your money or personal information,” the statement read.

“It will also ask other infected Australian phones to send Flubot messages to the numbers it steals from your phone, continuing and expanding the scam. So, if you called the person that sent you the message, it would be another victim of the scam whose device was infected.