HMRC have reported an increase in the number of ‘phishing’ emails in recent months. These are emails from scammers who disguise themselves as HMRC, often telling the recipient that they are due a tax refund. Typically the message will include a link to a site that looks like a genuine HMRC webpage, but in reality is a bogus site designed to trick you into providing personal details such as HMRC user IDs and passwords or bank details.
Phishing is nothing new, of course, and is widely used in an attempt to con victims into disclosing login details for bank, credit card or PayPal accounts. But scammers also like to disguise themselves as HMRC, the advantage being that they can try to trick the victim into believing they are entitled to a tax rebate, providing added incentive to act on the instructions given in the email.
So how can these emails be detected? There are a number of ways in which HMRC scam emails can be identified:-
First and foremost, HMRC never send such emails anyway. If they need to contact you about your personal tax affairs, they will usually write to you. Email is occasionally used, for example to remind you to complete a VAT return, but never to inform you about tax liabilities or refunds.
Phishing emails often use poor grammar and English, for example “our Systems indicate that yuo are intitled to a Tax refund in the Order of GBP3,265,58. to claim your refund Please click our Link at…”
Your software might flag the email as spam, or when you click the link, your browser may attempt to block the site or warn you of potential danger.
If an attachment is provided in .zip or .exe format, don’t open it as this could contain malware which may harm your computer.
If you are given a link to a website, look carefully at the URL, in particular the domain, which is the part immediately before the first forward slash ‘/’. This is true of any email containing links. Look at the following link:
At first glance this looks like a genuine HMRC URL as it begins with ‘www.hmrc.gov.uk’, but look at the section immediately prior to the first forward slash, and in fact the domain is ‘oiwjef.com’, clearly not connected with HMRC!
Some people are even less subtle than this, using web addresses that bear no resemblance to anything genuine. Look out for emails that land you at snfsllslakna.com or hiweiw.ru, and hit the delete button immediately!
Brought to you by N S Bookkeeping & Accountancy