Skip to main content

Watch out for invoice scams at tax time

Rajiv’s story

Rajiv, a registered tax agent based in Alice Springs, recently received an email from People Co, the national labour hire firm through which he employed extra staff during the peak June to October tax return period.

While the email bore a strong resemblance to others Rajiv had received from People Co, it was fake.

The sender had included an invoice for urgent payment, which featured the People Co logo and company branding, making it look very official and legitimate. The sender, whose name Rajiv didn’t recognise, informed him that People Co required further identification information from him, which had been lost due to an email malfunction.

The email included a link to a web form, which, the sender wrote, Rajiv needed to complete urgently to pay the invoice and ensure his contractors were paid.

Fortunately, Rajiv took the time to check with one of his People Co contractors who informed him they had already been paid. He also scrutinised the email further and discovered that the bank account details for payment were different to all the other previous invoices he’d received from People Co.

Smelling a rat, Rajiv took a closer look at the link included in the email: People Co’s name read ‘Peolpe Co’. The spelling error was one indicator that the email was fake. Given Rajiv took the time to verify the legitimacy of the email as a scam, he saved his business $20,000 that he would have otherwise paid this scammer.

Watch out for invoice scams at tax time

An online scam where a cybercriminal impersonates another business representative to trick an employee, customer or vendor into transferring money or sensitive information to the scammer, is known as business email compromise.

This type of business email compromise involves criminals sending emails from fake email addresses and websites that look legitimate.

These business email scams cause businesses significant financial damage, accounting for 63 per cent of all business losses reported to Scamwatch. The average loss is nearly $30,000!

Over the past three months the Australian Cyber Security Centre's 24/7 Watch team has received dozens of reports of business email scam incidents from individuals and affected organisations. A large portion of the enquiries have come from the construction industry, in part due to the high percentage of transactions between builders and their suppliers.

Warning signs for invoice scams

Slowing down and taking time to properly establish the source of information can be of enormous benefit. There are also some simple things you can do to help protect your business accounts online:

  • Be wary of emails that were unexpected, for example the invoice came from a supplier you haven’t dealt with in a while, or the payment amount differs from previous amounts.
  • Teach your staff to look out for other red flags of invoice scam emails like:
    • The supplier has provided new bank account details.
    • Urgent payment is requested or you’re threatened with serious consequences if payment isn’t made.
    • The sender is someone in a position of authority, particularly someone who wouldn’t normally send payment requests.
    • The email address doesn’t look quite right. For example, the domain name doesn’t exactly match the supplier’s company name. Double-check by looking at previous correspondence.
  • Never give out your personal identifying information unless you are certain who you are dealing with. Try and verify that emails are legitimate by independently checking with the sender. Contact organisations on an independently sourced number, not one provided to you.
  • Keep your business information secure. Beware of anyone asking you to ‘confirm’ your details and don’t share you details unless you’ve checked the person you are dealing with is who they say they are.
  • Always exercise caution when receiving or downloading attachments or clicking links in emails, text messages or social media posts, even if they appear to be from someone you know.
  • Stay alert at all times! Remain one step ahead of cybercriminals and keep your personal information secure online by following these easy steps.

Get help

The Australian Cyber Security Centre and the ATO recommend the following tips to help you protect your online information during this tax time.

  • Stay alert at all times! Remain one step ahead of cybercriminals and keep your personal information secure online by following ACSC on Facebook and signing up to the ACSC Alert Service.
  • If you are ever unsure whether an ATO interaction is genuine, don’t reply. Call the ATO on 1800 467 033 or visit the ATO to verify.
  • If you, your clients or your staff has paid or provided personal identifying information to an ATO impersonation scammer, call the ATO on 1800 467 033 to report.
  • Report suspicious emails claiming to be from the ATO by forwarding the entire email to and delete the email from your account
    • Do not click on a link, open an attachment or download a file
  • If you have been a victim of cybercrime, you can report it at ReportCyber. You can also seek assistance if your identity has been compromised from national identity and cyber support service, IDCARE, on 1800 595 160.
What to do topics
Threat types