Phishing websites are fraudulent websites that deceive visitors by mimicking legitimate websites. These websites aim to trick visitors into giving away sensitive information, such as usernames, passwords and financial details. How to recognise and avoid phishing websitesHere are some tips that'll help you recognise and avoid phishing websites: | UI Expand |
|---|
| title | Check that the web address is legitimate |
|---|
| Check that the web address looks legitimatePhishing websites often imitate website addresses (URLs) to create the illusion that you're on a legitimate website. To check if a website has a legitimate URL, look for slight variations, misspellings or additional characters in the URL. For example, my0b.com or rnyob.com instead of myob.com. You can also check for the secure HTTPS connection. To check the HTTPS connection, click the padlock symbol in the top left corner of your browser. You should see a URL that matches the legitimate website and a message about a secure connection: 
You shouldn't see this (connection not secure): 
|
| UI Expand |
|---|
| title | Check that the website looks legitimate |
|---|
| Check that the website looks legitimateCompare the design and layout of the website with the official website. Look for inconsistencies, such as variations in colours, fonts, logos or overall design. Phishing websites may have poor-quality graphics, distorted images or irregularities that indicate a fraudulent copy. |
| UI Expand |
|---|
| title | Be wary of urgent requests |
|---|
| Be wary of urgent requestsPhishing websites and emails often use alarming messages to create a sense of urgency. They may claim your account has been compromised or that immediate action is required. Be cautious of such requests and independently verify the legitimacy of the message through trusted channels, such as your usual method of navigating to your MYOB application or contacting customer support. Here's an example of a fake MYOB email asking for immediate action: 
|
| UI Expand |
|---|
| title | Be wary of unexpected emails or messages |
|---|
| Be wary of unexpected emails or messagesPhishing attempts often begin with unsolicited emails, text messages or social media messages. Be sceptical of any message that asks for personal or sensitive information, especially if it redirects you to a website. Learn how to identify a typical, legitimate MYOB invoice email or SMS. How to avoid clicking on links to untrustworthy websitesWhen you receive an email or message with links, you can check the address (URL) for where it'll take you – without clicking on it – by hovering over it. Instead of clicking on links, you can manually type the URL of the website you wish to visit into your browser or use bookmarked links. Here's an example of a fake MYOB email that appears to be linking you to MYOB, but it is taking you to another website: 
|
| UI Expand |
|---|
| title | Trust your intuition on suspicious websites |
|---|
| Trust your intuition on suspicious websitesIf something feels suspicious or too good to be true, it probably is. Trust your instincts and exercise caution when interacting with websites that raise doubts. If you have any concerns about the legitimacy of a website, refrain from providing any personal information and report the suspicious activity to your organisation's IT or security team. |
What to do if you're the victim of a phishing scamIf you believe you have fallen for a phishing attack and suspect that your MYOB account may be compromised, it's crucial to take immediate action to protect your information and prevent further damage. Here are the steps you should follow: | UI Expand |
|---|
| title | 1. Report suspicious transactions to your financial institution |
|---|
| If you suspect the scammer has stolen money from you, immediately report any suspicious transactions to your bank or financial institution. Review your account balances, activity and transaction history to identify any unauthorised access or suspicious activity and transactions. Look for unfamiliar login locations, unrecognised transactions or changes to your account settings. |
| UI Expand |
|---|
| title | 2. Break off contact with the scammer |
|---|
| Cease all communication or business dealings with the suspected scammer. Report them in your social media and alert your business contacts about them. |
| UI Expand |
|---|
| title | 3. Change your passwords and set up 2FA |
|---|
| | title | 2. Change your passwordsImmediately change the password for the compromised account and any other accounts that share the same or similar passwords. Choose strong, unique passwords that include a combination of letters, numbers and special characters. |
|---|
| UI Expand |
|---|
Enable two-factor authenticationEnable two-factor authenticationMYOB software uses two-factor authentication. If you haven't already set it up, do so right away. This adds an extra layer of security by requiring a second verification step, such as a code sent to your mobile device, in addition to your password. Avoid using email as your method of 2FA. Use an authenticator app or SMS instead as these methods are more secure. |
| UI Expand |
|---|
| title | 3. Check for suspicious activity |
|---|
| Check for suspicious activityReview your account activity and transaction history to identify any unauthorised access or suspicious activity. Look for unfamiliar login locations, unrecognised transactions or changes to your account settings. | | UI Expand |
|---|
| title | 4. Report the incident to MYOB |
|---|
| Report the incident to MYOBLog into My Account and submit a support ticket by clicking Contact Support. |
If you believe you are the victim of phishing, please contact us immediately via this email address and we'll be in touch: securityincidents@myob.com. In your email, please provide as much detail as possible, like: - a brief description of the issue
- serial number or client ID
- name of the MYOB file
- email address that you use to login into MYOB with
- product or service you were using when you noticed the issue.
|
For more tips on identifying and protecting yourself from scams visit these websites: |
