Close this search box.

Eight Caught in myGov Website Phishing Operation


In a coordinated operation, the Royal Malaysian Police, Australian Federal Police, and the FBI have arrested eight individuals involved in a phishing scheme targeting Australia’s myGov website. This effort showcases the ongoing battle against cybercrime in protecting significant government services. 

Phishing Scheme Details: 

These individuals were part of a group that used phishing kits to mimic government websites, with a focus on myGov. The Australian Federal Police stated that these kits included templates for sites from Australia, Malaysia, and the United States. MyGov, a central platform for government services, is a common target for such scams, leading to frequent account suspensions for security reasons. 

What’s a Phishing Kit? 

A phishing kit is a collection of tools and resources used by cybercriminals to set up and execute phishing scams. Typically, it includes pre-made templates that mimic legitimate websites, scripts to capture and store stolen information like usernames and passwords, and instructions on how to launch and manage the scam. Phishing kits enable attackers, even those with limited technical skills, to quickly deploy convincing phishing websites aimed at tricking individuals into revealing sensitive data. 

Key Arrests and Seizures: 

The operation’s breakthrough was the arrest of a 35-year-old man from Borneo, accused of distributing the phishing kits and managing the hosting service. The police seized usernames, passwords, cryptocurrency details, and hardware, including servers and modems, from his home and a business site. 

International Collaboration in Cybercrime Investigations: 

This case was a product of the combined efforts of the RMP, AFP, and FBI. The FBI linked the operation to an organised crime group, while the AFP’s Joint Policing Cybercrime Coordination Centre played a key role in intelligence sharing. 

Following the rising trend in phishing scams, the Australian government, through Bill Shorten’s office, has reported over 6,000 myGov-related scams this year. Enhanced ID verification processes are being implemented on sites like myGov to combat these threats. 

Current Phishing Threat Landscape: 

  • Phishing attacks have become more complex, often involving detailed website replicas and sophisticated social engineering to trick users. 
  • These attacks frequently target reputable platforms like myGov, leveraging their trust to extract sensitive user information. 

Updating Cybersecurity Practices: 

  • Both individuals and organisations need to stay informed about the latest phishing tactics to prevent successful attacks. The Gridware Blog regularly updates readers with new information and strategies to counter emerging threats. 
  • Practical measures, such as regular software updates, secure password practices, and being cautious with unsolicited communications, is crucial in protecting against phishing. Learn more about practical measures in our Cyber Security Guide. 
  • Given that 74% of breaches involve human factors such as social engineering, errors, or misuse, investing in employee cybersecurity training is an important step in reducing these risks. 
Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.


Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235


Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →



Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution



A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →