Trevor Riessen thought he had thwarted would-be thieves trying to lodge a tax return under his name, but then he got a letter from his superannuation fund congratulating him on the transfer of $20,000 out of his account.

Key points: Northern Territory Police say they are becoming increasingly aware of the "organised" nature of cybercrime

Northern Territory Police say they are becoming increasingly aware of the "organised" nature of cybercrime There have been more than 13,000 reports of cybercrime to the Australian Cyber Security Centre in the past three months

There have been more than 13,000 reports of cybercrime to the Australian Cyber Security Centre in the past three months Last year, there were more than 500 instances of cybercrime reported in the NT

The funds, the letter stated, were for a deposit on a house he had never heard of.

The Australian Tax Office (ATO) had fallen for a scam that targeted security weaknesses through the myGov website and a 2017 federal government First Home Super Saver Scheme.

The trouble started 12 months prior, when Mr Riessen, a Darwin resident, received a notification from the ATO about a review on an alternate tax return that had been filed under his name.

"Someone had basically put a false one in under my name and put their own information in for where they wanted the money to go," he said.

This year three people in the NT were sentenced for their roles in a scam worth hundreds of thousands of dollars. ( Supplied )

"They put in claims for vehicles and all sorts of other things that we just didn't have.

"That's what raised the alarm bells with the tax office. Had they just been a bit less greedy, it might have gone through."

He was able to put a stop to the scam before any money was paid and quickly went to work trying to figure out how someone had obtained so much information about him and his business.

"One thing led to another and basically we found out that it was probably via the myGov website," he said.

"I spoke to them and spoke to the ATO and wasn't able to get a lot of information about how people would have got in. They helped by giving us referrals to a not-for-profit site to make us improve our security."

Mr Riessen said myGov told him they had put in extra security on his account log-in.

Money moved from superannuation account

But early this year he again received another alarming notification.

"I received a letter in the mail from my superannuation fund, saying: 'Congratulations, we've transferred a sum of money out of your superannuation account'," Mr Riessen said.

The money was provided to the ATO after an application was made under the government scheme that allows first home owners to access their super funds for a property purchase.

"We're in our fifties. We have our house. We obviously don't even qualify for it," Mr Riessen said.

Again, Mr Riessen found the security issue came from the same source.

"When I questioned the superannuation fund and said: 'Well, how could you possibly release these funds without my authority or my knowledge?' Not even a phone call," he said.

"They said it was part of the ATO's scheme, 'They're responsible for all the applications and security on that. They basically just give us instructions to transfer x amount of dollars over to them'."

Never contacted before funds were transferred

Though the money had been sent from his superannuation, the ATO had not yet paid it out — so he was again able to stop the transfer.

Over 13,500 reports of cybercrime have been made to the Australian Cyber Security Centre since July 2019, at a rate of approximately one every ten minutes. ( ABC News: Emma Machan )

"It turns out that it was falsified account details to someone who was supposedly acting on my behalf," he said.

"It raises an obvious question: how can someone act on my behalf?

"I never actually got that question answered, but they must have supplied enough information through to the ATO to satisfy whatever their security requirements were."

Fraudulent myGov activity 'small': ATO

A spokesperson from the ATO said "extensive procedures" must be followed in order to allow someone to act on behalf of another person, including providing proof of identity, through myGov.

The spokesperson said these procedures, "will always include the client".

"Records, audits and logs are used to prove this has occurred," the spokesperson said.

"If an individual was to lodge a return without the taxpayers' knowledge, then this becomes a matter of compromised identity.

"If a client's identity is compromised then accounts are remediated and additional security measures are applied."

The spokesperson also said a person needs to be declared an "authorised contact" before they are able to access another person's records.

"Access is only granted once the required proof has been provided," the spokesperson said.

When asked if the ATO checked if someone already owned a home when an application was made under the First Home Super Saver Scheme, the spokesperson said the ATO would check, "in higher-risk cases, including whether an individual has previously owned property".

The spokesperson said fraudulent activity via myGov was subject to "ongoing review and investigations".

"The overall percentage of fraudulent links via myGov is small," the spokesperson said.

'Thousands targeting Australia right now'

Mr Riessen is one of a rising number of Territorians being targeted by thieves who are using loopholes and online vulnerabilities to access information.

Last year, there were more than 500 cyber scams reported in the NT.

Senior Constable Corbett said NT Police was taking note of increasingly sophisticated cyber criminals. ( ABC News: Melissa Mackay )

According to the Australian Cyber Security Centre, since July this year, more than 100 reports of cybercrime can be attributed to the NT.

About 40 per cent were defined as shopping fraud and identity theft, and 10 per cent were related to ATO and phone scams.

Another type of issue the NT cyber crime unit deals with is compromised business emails — when hackers infiltrate their way into a company's email account and send false invoices to customers.

NT Police Senior Constable Jason Corbett said the sophisticated behaviour of cyber criminals demanded the attention of both law enforcement and the public.

"[Cyber criminals] are organised criminals," he said.

"To be honest, there's probably thousands of people targeting Australia right now.

"It's profitable, and that's what it comes down to. Last year there was $20 million attributed solely to business email compromise, nationally, going offshore."