accountants daily logo

Website Notifications

Get notifications in real-time for staying up to date with content that matters to you.

Accountants threatened as ATO portals targeted by identity thieves

Tax professionals have been urged to check their Access Manager permissions as criminal activity targeting AUSkeys becomes the latest in a spate of problems plaguing the ATO's digital services.

Technology Lara Bullock 01 February 2017
— 1 minute read

Earlier this week the ATO issued an update to tax professionals encouraging them to check their AUSkey Access Manager permissions.


The ATO detected criminal activity where identity thieves fraudulently obtained AUSkeys linked to businesses and used them to access portals, lodge activity statements and change account details for refunds.

The affected AUSkeys were cancelled and the ATO is working with the affected businesses to protect their online security and monitor activity on their accounts.

The ATO consequently urged practices to take steps to protect themselves from identity theft.

Suggestions included using Access Manager regularly to check that people's level of access to the portals is appropriate, cancelling AUSkeys for people who no longer work for the practice, and immediately disabling or removing a person's account if there are any concerns about their activities.

Practices should also ensure that each person who deals with the ATO online on behalf of the practice has their own AUSkey, keep passwords secure, and report any unknown or suspicious AUSkeys to the ATO.

Accountants threatened as ATO portals targeted by identity thieves
image intro
accountantsdaily logo