30 January 2017
AUSkey fraud alert
Cases of identity thieves obtaining AUSkeys linked to legitimate businesses has recently been detected by ATO.
Once an fraudulent Auskey has been allocated, access is gained to the Business Portal.
Fraudulent BAS can be lodged and bank details updated to accounts that are not controlled by the entity.
They were able to detect the activity and take preventative action quickly.
ATO are working with the affected businesses to protect their online security and monitor activity on their accounts.
Take the following steps to check your Auskey:
- Check access manager to understand who in your business has AUSkey access.
- Check their level of access is appropriate to their role.
- Remove access for employees who no longer work for you.
- Check the financial institution and contact details you have recorded with ATO are correct.
Report any unknown or suspicious AUSkeys allocated to your organisation by calling 1300 287 539 between 8.00am and 6.00pm, Monday to Friday.
It is good business practice to conduct these checks on a regular basis.