Phishing Scams: UK Tax Service Issues A Warning

The volume of smishing reports increased by 56% to reach 57, 579 while the number of phone scams reported by the public jumped by a staggering 234% to reach 195, 720 in 2019.  The volume of fake UK Tax Service (HMRC) phishing emails reported by the British public has fallen sharply over the past two years, whilst over the same period reports  of tax related to SMS tesxt and phone-based scams has  increased.

The leading UK legsl fim Griffin Law obtained the figures from the UK HMRC under a freedom of information request related to their suspicious tax email referral service and it doesn’t provide a full picture of the scale of the phishing threat facing Brirish taxpayers, it does give useful insight into general trends.

From January 1 2018 to December 31 2019 there were a total of over 1.5 million reported scams. Although the vast majority (77%) of attacks came via email, the volume actually dropped by 60% between 2018 and 2019.

That could partly be explained by greater public awareness of such scams, but also seems to show an increasing willingness on the part of fraudsters to use different communications methods to trick taxpayers. “It’s no surprise that cyber-criminals see impersonating HMRC through fraudulent phishing schemes as an easy route to securing cash pay-outs from unsuspecting victims", Chris Ross SVP of network security company Barracuda Networks speaking to Infosecurity Magazine.

“Moving forward, it’s vital that there is much more public awareness about how advanced and prevalent these phishing schemes have become. It’s also important to recognise the lengths these criminals will go to trick entrepreneurs, finance workers and vulnerable or elderly people into handing over PIN codes or transferring money to false accounts.”

The HMRC is reported to have received over 2.6 m phishing reports from the public since the 2016-17 financial year and with the support of the British National Cyber Security Centre (NCSC) the tax servive has been taking measure to improve resilience against these attacks.

HMRC Advice:

  • Recognise the signs - genuine organisations like banks and HMRC will never contact you out of the blue to ask for your PIN, password or bank details.
  • Stay safe - don’t give out private information, reply to text messages, download attachments or click on links in emails you weren’t expecting.
  • Take action - forward details of suspicious calls claiming to be from HMRC to phishing@hmrc.gov.uk and texts to 60599, or contact Action Fraud on 0300 123 2040 or use their online fraud reporting tool, especially if you suffer financial loss.
  • Check GOV.UK for information on how to avoid and report scams and recognise genuine HMRC contact.
  • If you think you have received an HMRC related phishing/bogus email or text message, you can check it against the examples shown in this guide.

HMRC:         Griffin Law:        Inforsecuity Magazine:       National Union of Students

You Might Also Read: 

The Most Common Cyber Attacks:

 

 

 

 

« AI Is Closing The Cyber Skills Gap
Teens Abandon TV and Take News On-Line »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

SCADAhacker

SCADAhacker

SCADAhacker provides mission critical information relating to industrial security of SCADA, DCS and other Industrial Control Systems.

Cyber Defense Media Group (CDMG)

Cyber Defense Media Group (CDMG)

CDMG is the leading global media group for all things cyber defense.

Gamma

Gamma

Gamma is a leading provider of Unified Communications as a Service (UCaaS) into the UK, Dutch, Spanish and German business markets.

cPacket Networks

cPacket Networks

cPacket’s distributed intelligence enables network operators to proactively identify imminent issues before they negatively impact end-users.

Perception Point

Perception Point

Perception Point is a Prevention-as-a-Service company, built to enable digital transformation. Our platform offers 360-degree protection against any type of content-based attack.

Signal Sciences

Signal Sciences

Signal Sciences Web Protection Platform (WPP) provides comprehensive threat protection and security visibility for web applications, microservices, and APIs on any platform.

Edureka

Edureka

Edureka is an online technology training provider with the most effective learning system in the world. We help professionals learn trending technologies for career growth.

Deduce

Deduce

Deduce use a combination of aggregate historical user data, identity risk intelligence, and proactive alerting to deliver a robust identity and authentication solution.

Silent Sector

Silent Sector

Silent Sector is a cybersecurity services company that specializes in providing a wide range of managed security services.

Nitrokey

Nitrokey

Nitrokey is the world-leading company in open source security hardware. Nitrokey develops IT security hardware for data encryption, key management and user authentication.

Sotero

Sotero

Sotero is the first cloud-native, zero trust data security platform that consolidates your entire security stack into one easy-to-manage environment.

Aembit

Aembit

Aembit is the Identity Platform that lets DevOps and Security manage, enforce, and audit access between federated workloads

DEKRA

DEKRA

DEKRA’s promise is to ensure the safety of human interaction with technology and the environment.

Zyber 365

Zyber 365

Zyber 365 are providing a robust, decentralized, and cyber-secured operating system which adheres to the fundamental principles of environmental sustainability.

Barclay Simpson

Barclay Simpson

Barclay Simpson is proud to have a long history of delivering cyber security, technology and governance recruitment services.

Security Awareness Special Interest Group (SASIG)

Security Awareness Special Interest Group (SASIG)

The Security Awareness Special Interest Group (SASIG) addresses the human aspects of security and fraud prevention in an initiative to improve trust and confidence in the online environment.