Learn how to secure your MyGov account to ensure you don’t become a victim.
As it’s now tax time in Australia, you’re likely to encounter more phishing attempts targeting your MyGov account. To safeguard yourself, follow the steps below.
- Update your password
- Ensure you’re using a strong and unique password.
- Attackers can easily brute force weak passwords or use a method called credential stuffing, where they use compromised emails and passwords from previous breaches to attempt access.
- You can check if your email has been compromised in a previous breach by using the service “Have I Been Pwned.”
- To update your password:
- Log onto MyGov.
- On the home page, click on “My Account,” which can be found in the top right corner.
- Then click on “Account Settings.”
- Select “Manage Password.”
- Enable 2 Factor Authentication
- The most effective way to protect your account is to enable 2-Factor Authentication (also known as MFA or 2FA). This usually involves providing a code in addition to your password.
- To enable 2FA:
- Log onto MyGov.
- On the home page, click on “My Account,” which can be found in the top right corner.
- Then click on “Account Settings.”
- Select “Manage 2-Factor Authentication.”
- Enable myGov Code Generator App
- Avoid using SMS codes, as mobile phone numbers can be easily hijacked.
- Instead, download the MyGov Code Generator App from your phone’s App Store.
- Review Connected Devices
- MyGov keeps track of devices logged into any MyGov applications, such as Medicare.
- Deactivate any unknown devices.
- To review connected devices:
- Log onto MyGov
- On the home page, click on “My Account,” which can be found in the top right corner.
- Then click on “Account Settings.”
- Click on “Connected Devices.”
- Pedoicatally Review Account History
- Review your account activity, including sign-ins, linked services, and unlinked services.
Following these steps adds an extra layer of security to your account. However, attackers can still gain access to your MyGov account through phishing attempts. Avoid clicking on links from unsolicited SMS and emails; instead, visit the website directly.
Related
Post comments (0)