29 Jun 2017

Phishing scams - how to avoid being caught

Laptop showing email

The recent cyber-attack which affected thousands of businesses around the world has flagged up the importance of computer security and good practice. We are aware from our clients that they are receiving phishing emails purporting to be from HMRC. Spelling mistakes and poor grammar help to identify these but they are getting increasingly sophisticated.

HMRC has recently released details of a new phishing scam. They advise that if you get an email with the subject, “Your 2016 Tax Report”, with an attachment, do not open it. Please forward it to phishing@hmrc.gsi.gov.uk and then delete it.

They also give the following general advice:

  • Look out for a sender’s email address that is similar to, but not the same as, HMRC’s email addresses. Fraudsters often have email accounts with HMRC or revenue names in them (such as ‘refunds@hmrc.org.uk’). These email addresses are used to mislead you. However, be aware, fraudsters can falsify (spoof) the ‘from’ address to look like a legitimate HMRC address (for example ‘@hmrc.gov.uk’). If you’re not 100% sure that the message has come from us, don’t open it. If you do open the email and you’re in doubt don’t click on any links or downloads.
  • Fraudsters ask for immediate action. Be wary of emails containing phrases like ‘you only have 3 days to reply’ or ‘urgent action required’.
  • Emails from HMRC will never:

- notify you of a tax rebate

- offer you a repayment

- ask you to disclose personal information such as your full address, postcode, Unique Taxpayer Reference or details of your bank account

- give a non HMRC personal email address to send a response to

- ask for financial information such as specific figures or tax computations, unless you’ve given us prior consent and you’ve formally accepted the risks

- have attachments, unless you’ve given prior consent and you’ve formally accepted the risks

- provide a link to a secure log-in page or a form asking for information - instead we will ask you to log on to your online account to check for information

  • Fraudsters often include links to web pages that look like the homepage of the HMRC website. This is to trick you into disclosing personal/confidential information. Just because the page may look genuine, doesn’t mean it is. Bogus web pages often contain links to banks/building societies, or display fields and boxes requesting your personal information such as passwords, credit card or bank account details. You should be aware that fraudsters sometimes include genuine links to HMRC web pages in their emails; this is to try and make their emails appear genuine.
  • Fraudsters often send high volumes of phishing emails in one go, so even though they may have your email address, they seldom have your name. Be cautious of emails sent with a generic greeting such as ‘Dear Customer’. Emails from HMRC will:

- usually use the name you’ve provided to us, other than where you sign-up to HMRC subscription services

- always include information on how to report phishing emails to HMRC

  • Be cautious of attachments as these could contain viruses designed to steal your personal information.