Fake Centrelink myGov App Malware Scam
Scammers distribute fake apps branded as the Centrelink or myGov app outside the official app stores, targeting Australians who receive government payments. These apps harvest myGov credentials, Tax File Numbers, and banking details linked to benefit accounts.
Part of: Fake App Downloads
Last reviewed: 8 June 2026
Centrelink services are accessed primarily through the myGov portal and the official myGov app, which millions of Australians use to manage welfare payments, Medicare claims, and tax returns. The app's widespread use makes it a prime target for fake-app attacks.
Fraudsters create near-identical lookalike apps and promote them through phishing SMS, Facebook advertisements, and search-engine ads targeted at people searching for the myGov app. The fake app captures the myGov login credentials the user enters and uses them to access the real account, change bank account details, and redirect Centrelink payments to a fraudster-controlled account.
The genuine myGov app is available exclusively through the Apple App Store and Google Play Store under the developer Australian Government — Services Australia. Services Australia does not distribute the app through any other channel and will never send a download link by SMS or email.
How this scam works on the Centrelink brand
A targeted Facebook or Google ad, or an SMS message, promotes a new version of the myGov app claiming it is required to continue receiving Centrelink payments. The link leads to a convincing page mimicking the Services Australia website, offering an APK download for Android or a TestFlight beta link for iOS.
After installation, the app presents a myGov login page. Credentials entered are forwarded to the attacker, who logs in to the real myGov portal, navigates to Centrelink, changes the linked bank account to a prepaid card, and waits for the next payment cycle. The victim only discovers the fraud when an expected payment does not arrive.
Some fake Centrelink apps also target users' Tax File Numbers, which are stored or visible within myGov, enabling a secondary identity-theft attack.
Common red flags
- An SMS or social media advert promotes a downloadable Centrelink or myGov app update with an external link
- The download page is not the official Apple App Store or Google Play Store
- The app developer name on the store is not Australian Government or Services Australia
- The download requires enabling unknown sources on Android
- The app requests access to SMS, contacts, or accessibility services during setup
- The app version number does not match the current myGov app release
- Your Centrelink payment does not arrive on the expected date after installing the app
How to protect yourself
- Download the myGov app only from the Apple App Store or Google Play Store — search myGov and confirm the developer is Australian Government — Services Australia
- Never follow a link in an SMS or social media ad to download a government app
- If you installed a suspicious app, remove it immediately, change your myGov password, and review your linked bank account in Centrelink
- Enable myGov multi-factor authentication using the myGov Code Generator app
- Contact Services Australia at 136 150 if you suspect your account has been compromised
- Check your myGov inbox for any account change notifications you did not make
- Report the fraudulent advert to the platform where you saw it
How to report it
- Report to Services Australia on 136 150 or through the report-a-fraud page at servicesaustralia.gov.au
- Report to Scamwatch at scamwatch.gov.au
- Report the fraudulent app to the Apple App Store or Google Play through their reporting tools
- If financial loss occurred, contact your bank and file a report with the Australian Cyber Security Centre at cyber.gov.au/acsc/report
- Contact the ATO if your Tax File Number may have been exposed at ato.gov.au/General/Online-services/In-detail/myTax/
Frequently asked questions
How do I find the real myGov app?
Search for myGov in the Apple App Store or Google Play and look for the developer listed as Australian Government — Services Australia. The app is free and requires no external download link.
How quickly can an attacker redirect my Centrelink payments after getting my credentials?
An attacker can change the linked bank account almost immediately after logging in. The change may take a business day to process, meaning the next scheduled payment could go to the fraudster's account. Check your myGov account and contact Centrelink if you notice any account changes you did not make.
Is my Tax File Number exposed if my myGov account is compromised?
The TFN is partially visible in myGov for identity-verification purposes. A full TFN may be accessible in linked ATO records. If you believe your myGov account was accessed by an attacker, contact the ATO identity security team as well as Services Australia.