Tax scams 2025: What to look for and how to respond
Introduction:
With tax time fast approaching, many Australians are preparing to lodge their returns and meet key deadlines. This creates an ideal window for scammers to take advantage of the rush.
They send emails, texts, and make phone calls that appear to come from trusted sources like the ATO, aiming to trick you into handing over personal details or making payments.
These scams often use urgent language and convincing visuals, making them difficult to spot. In this blog, we will discuss the most common tax scams to look out for this year and share practical steps you can take to protect yourself.
Key takeaways
MFA scams use QR codes in emails to lead victims to fake myGov sign-in pages.
Tax lodgment scams send emails claiming your return has been received.
Fake TFN and ABN websites charge fees and steal information.
Phone scammers claim you owe taxes and demand urgent payment.
Report any suspicious messages to ScamWatch or the ATO.
Tax scams to watch out for in 2025
It only takes one misleading message to expose your business to risk. To stay informed and protected this tax season, check out these common tax scam warnings.
ATO impersonation email scam:
ATO impersonation email scam involves fake messages claiming your taxable income has been recalculated and you are entitled to a refund. Victims are asked to reply with personal details such as their TFN, Medicare card, driver’s licence, or payslips.
Scammers use this information to steal tax refunds, access myGov accounts, or commit identity fraud. In February 2025, the ATO received over 7,500 scam reports, a 30% jump from the previous month, showing a sharp rise in these attacks.
myGovID to myID scam:
Scammers are exploiting the ATO’s recent name change from myGovID to myID by sending fake messages asking users to reconfirm their details. These messages contain fraudulent links to a fake myGov login page designed to steal personal information.
Stay safe:
- You don’t need to set up a new myID or reconfirm anything.
- Never click on links or scan QR codes in unexpected emails or texts.
- Access ATO or myGov only by typing the official URL in your browser.
- Only download the myID app from official app stores.
- Never share your login code.
Multi Factor authentication email scam:
MFA email scams involve fake messages pretending to be from the ATO, claiming that you must update your multifactor authentication (MFA) settings. These emails include a QR code that takes you to a fake myGov sign-in page designed to steal your login details.
In 2022, Australians lost over $3.1 billion to scams, with phishing emails being one of the most common methods used by scammers.
It is important to note that the ATO does not send emails with QR codes or direct login links. If you receive one, forward it to reportscams@ato.gov.au and delete the message.
Tax lodgment email scam:
The tax lodgment email scam involves fraudulent emails claiming to be from the ATO. These emails tell you that your tax return has been received and ask you to open an attachment to complete further steps.
The attached file leads to a fake Microsoft login page that is set up to steal your account credentials. If you enter your details, scammers can access your Microsoft account and potentially take control of other connected services like banking, email, or online shopping.
Always be cautious with unexpected messages, especially those asking you to open files or provide personal information. If something feels suspicious, take a moment to verify it before you act.
TFN and ABN application scams:
TFN and ABN application scams involve fake websites that offer to help people apply for a Tax File Number (TFN) or Australian Business Number (ABN) for a fee. These scams are often promoted through ads on social media platforms like Facebook and Instagram.
After collecting your personal details, these websites send fake invoices or ask for payment. No real application is lodged, and your information may be stolen or used for identity fraud.
TFN and ABN applications are free when completed through official government websites. If you use a tax agent, always check that they are registered with the Tax Practitioners Board.
Need help with your TFN or ABN application?
Phone scam:
Phone scam involves fraudsters calling people and claiming they owe a tax debt that must be paid immediately. The scammers pose as ATO representatives and use urgent language to pressure victims into making quick payments.
This is a sign of a scam. ATO never demands immediate payment or uses threats. If you receive a call like this, stay calm. Do not provide any personal or banking details. Hang up and independently check the official ATO contact number if you want to confirm whether a debt exists.
Being aware of these tactics is the first step in protecting yourself from fraud.
Steps you can take to avoid tax scams in 2025
Here are the steps you can take in 2025 to protect your information and reduce your risk of falling victim to a tax scam:
1. Be cautious of unexpected contact
Scammers often pose as trusted organisations like the ATO, your bank, or even the police. Treat any unsolicited message, call, or email with suspicion, especially if it asks you to verify your identity or take immediate action.
2. Avoid clicking on links in messages:
Fraudulent links are used to redirect victims to fake websites or install malware. Never click on links in text messages or emails claiming to be from the ATO. Instead, manually enter official web addresses into your browser.
3. Only use verified contact information:
If you need to respond to a message or confirm whether it’s legitimate, do not use the contact details provided in the message itself. Find the organisation’s phone number or email through its official website or app.
4. Never share sensitive information:
The ATO and other legitimate bodies will not ask for your Tax File Number, online banking passwords, or remote access to your computer via phone or email. If you are asked for this information, it's likely a scam.
5. Recognise and reject suspicious payment methods:
No genuine organisation will request tax payments via gift cards, cryptocurrency, or unusual money transfers. If you are asked to pay in this way, it’s a strong indication of fraud.
6. Act quickly if you think you have been targeted:
If you notice suspicious activity or believe you have shared information with a scammer, contact your bank immediately. Report the incident to ScamWatch and ReportCyber to reduce the risk and help protect others.
7. Strengthen your digital security:
Use strong, unique passwords and enable two-factor authentication on all important accounts. Keep your devices updated and install reputable security software to help detect and block threats before they reach you.
Final thoughts
Tax scams are becoming more sophisticated, and when your business data is at risk, even one suspicious message can cause serious disruption. Unexpected contact from the ATO can be confusing, especially if you are unsure what’s genuine. That’s where CleanSlate comes in.
We support businesses year-round with tax compliance and help them recognise and respond to potential scam activity. As an ISO 27001 certified provider, we follow strict security standards to keep your information safe and confidential.
If your business receives a message that doesn’t seem right or needs support with lodgements or ATO communication, we’re here to help. Contact CleanSlate today for peace of mind.
