Phishing emails purporting to come from HMRC on the rise

12 December 2017

With 31 January looming, the season of bogus emails tempting you with the offer of a tax refund is upon us again. Of course in reality, these scammers are simply trying to get your bank or credit card details so that they can raid your bank accounts.

A recent scam email looked like this:


From: HM Revenue.co.uk <lionel.lockley19–EMBGHV–QYL1N0S–HB518MGX@argyll-bute.gov.uk>
To: joebloggs@hotmail.co.uk
Subject: Your recent payment confirmation receipt – |”NSTO/PG/272618921/17″|

THIS IS AN AUTOMATED EMAIL – PLEASE DO NOT REPLY AS EMAILS RECEIVED AT THIS ADDRESS CANNOT BE RESPONDED TO.

Hi {joebloggs@hotmail.co.uk},

You are eligible to receive a refund of up to 422.65 GBP.

We tried to send it to you automatically but we don’t have a credit/debit card stored on your account.

{Ready to claim it now?}

-have your credit/debit card ready
-open the application in your browser and login to your Customer Portal account
-follow the instructions on your screen

Customer Portal – http://hmrevenue-txid-xxxx-xxxx.com

Summary:
–  Issuing No: 08624248350241
–  ID Number : 65501BF00837
–  Receiver : joebloggs@hotmail.co.uk
–  Payment method : Online to your VISA/MASTERCARD

This e-mail is only intended for the person(s) to whom it is addressed and may contain confidential information. Unless stated to the contrary, any opinions or comments are personal to the writer and do not represent the official view of the company. If you have received this e-mail in error, please notify us immediately by reply e-mail and then delete this message from your system. Please do not copy it or use it for any purposes, or disclose its contents to any other person. Thank you for your co-operation.

We have previously contacted HMRC’s specialist department concerning such fraudulent activity, and they stated that HMRC will never send notifications of a tax refund or ask people to disclose personal or payment information by email. If, after receipt of a HMRC-related email scam you have disclosed any of the following information:

  • personal information such as a password or user ID;
  • credit or debit card information;
  • or if you have reason to believe that your computer has been exposed to a virus;

HMRC recommend that you forward a report to them at security.custcon@hmrc.gsi.gov.uk. If you have disclosed credit/debit card information you should inform your bank/card issuer immediately.

There’s a helpful section on HMRC’s website that explains how to recognise a legitimate email from HMRC and it also gives examples of the latest scam and phishing emails that are circulating to help you spot real from fake. One thing you can do to help HMRC investigate the huge volume of phishing emails that are issued is forward emails like the one above to phishing@hmrc.gsi.gov.uk.

Hopefully you will never fall prey to a phishing email, but scammers’ methods are always changing and evolving. Help to protect yourself from malicious emails by using up-to-date spam filters and anti-virus software, and never disclose personal information or bank details in response to an email purporting to be from HMRC.

If you have any questions about this blog, please contact your usual UHY adviser or fill out our contact form here.