Protecting you and your business from cybercrime

Recently, Australia has seen an increase in sophisticated scams and fraud. It’s a serious problem affecting many Australian businesses. Criminals are constantly changing how they scam and defraud the community and we all have a part to play in staying vigilant.

ATO Strengthens Security in the Face of Rising Cybercrime

From 13 November 2023, the Australian Taxation Office (ATO) is expanding the requirements of its client-to-agent linking system to include all types of entities with an ABN (excluding sole traders). In doing so, the ATO aims to combat increasingly sophisticated criminal attempts to defraud the system, while also protecting taxpayers and their agents from fraud and identity-related theft.

The ATO’s decision to implement these changes aligns with a broader program of work being rolled out to strengthen the security of their systems and data, making the client-to-agent linking system more inclusive and robust. Under the revised procedure, entities falling under the scope of this expansion will be required to nominate their agent before the agent can include them in their client list. More details on the ATO website: We’re expanding the client-to-agent linking process | Australian Taxation Office (

Protecting You and Your Money: Valuable Tips

Bentleys offers the following valuable insights to our clients and community to help you defend against cybercrime. This involves securing your personal, proprietary, and financial information and being vigilant about any suspicious activity linked to personal or business accounts.

Guard your Personal and Confidential Information

Your personal information is your identity so, it’s essential to protect it. This includes sensitive details such as: Full Name, Date of Birth, Current Address, Bank Account and Credit Card Details, Tax File Number (TFN), MyGov and ATO Online Login Details, Driver’s Licence, Proof of Age Card and Passport Details, Passwords, Medicare or other government IDs.

Never share your personal information with anyone unless they are:

  • People you trust explicitly.
  • Organisations with a legitimate need for it.
  • Authorised personnel whose identity is verified.

Securely Store Your Personal and Confidential Information:

  • Avoid leaving your personal and confidential information in easily accessible places.
  • If stored on your mobile phone, ensure it’s password protected.

Social Media Caution:

  • Do not share your personal information on social media. It can never be completely erased once posted, even if you delete it.

Use a Registered Tax Agent:

  • Always verify that your tax agent is registered by checking the Tax Practitioners Board Link website
  • Never share your MyGov login details with anyone, including your registered tax agent. Registered tax agents have their own systems to complete your tax return and do not require access to your MyGov and ATO online accounts.
  • Only registered tax agents can charge you a fee to prepare and lodge your tax return.

General Security Tips:

  • Check for HTTPS or padlock symbol: Ensure the website starts with “https://” or displays a padlock symbol🔒 when sharing sensitive information for encryption.
  • Use Strong Passwords: Create complex, non-predictable passwords with special characters. Avoid using easily guessable info and don’t reuse passwords across accounts. Periodically change passwords.
  • Use a password manager: Utilise a password manager for unique passwords across systems.
  • Enable Multi-Factor Authentication (MFA): Enhance security with MFA, like phone passcodes or authentication apps, instead of SMS.
  • Avoid Public Wi-Fi: Public Wi-Fi networks are often not secure. Avoid logging into sensitive accounts on public Wi-Fi.
  • Verify Caller Identity: Never grant unsolicited callers remote access or share confidential data. Confirm their identity through official channels.
  • Beware of Suspicious Links: Don’t click on links in emails or messages unless you can verify their authenticity.
  • Exercise Caution: Verify the legitimacy of offers, especially during stressful times when scammers target vulnerability.
  • Be Sceptical of Requests: Approach requests for personal information or payments with suspicion.
  • Verify Change of Detail requests: Confirm requests to change banking details directly from a trusted source.
  • Consider the Use of Multiple Emails: Keep business and personal emails separate and use them for their intended purposes.
  • Use an Anti-Virus Solution: Install and update effective anti-virus solutions on devices used for sensitive information.

By following these tips, you can significantly reduce the risk of falling victim to cybercrime and protect your personal and financial well-being. If something doesn’t feel right or you think you’ve been the victim of a scam, contact your bank immediately.

Stay up to date on security alerts and more such simple ways to protect users at home, at work and on mobile devices by subscribing to Australian Cyber Security Centre (ASD’s ACSC) Alert Service: Sign up for alerts |

Channels for Client Communication and Notifications

Bentleys Queensland employs various platforms and systems to securely communicate and share data with clients. Clients can expect to receive legitimate notifications from Bentleys Queensland via email and/or SMS, originating from various systems. Among the frequently used data and file-sharing platforms for these client interactions are:

  • FuseSign and DocuSign for digital signing of documents
  • ATO SmartDocs for ATO correspondence
  • Secure file transfer (VFX) through Outlook for safe document access via email
  • Inflo, a data transfer portal for clients’ access.

If you ever have doubts about an email or SMS notification you’ve received, please don’t hesitate to contact your Bentleys advisor for confirmation. Ensuring the security and privacy of our client’s data is paramount.

We hope this information is of benefit and helps keep you safer; we’re in this together.