Phishing Scams: UK Tax Service Issues A Warning

Uploaded on 2020-04-01 in GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Financial

The volume of smishing reports increased by 56% to reach 57, 579 while the number of phone scams reported by the public jumped by a staggering 234% to reach 195, 720 in 2019.  The volume of fake UK Tax Service (HMRC) phishing emails reported by the British public has fallen sharply over the past two years, whilst over the same period reports  of tax related to SMS tesxt and phone-based scams has  increased.

The leading UK legsl fim Griffin Law obtained the figures from the UK HMRC under a freedom of information request related to their suspicious tax email referral service and it doesn’t provide a full picture of the scale of the phishing threat facing Brirish taxpayers, it does give useful insight into general trends.

From January 1 2018 to December 31 2019 there were a total of over 1.5 million reported scams. Although the vast majority (77%) of attacks came via email, the volume actually dropped by 60% between 2018 and 2019.

That could partly be explained by greater public awareness of such scams, but also seems to show an increasing willingness on the part of fraudsters to use different communications methods to trick taxpayers. “It’s no surprise that cyber-criminals see impersonating HMRC through fraudulent phishing schemes as an easy route to securing cash pay-outs from unsuspecting victims", Chris Ross SVP of network security company Barracuda Networks speaking to Infosecurity Magazine.

“Moving forward, it’s vital that there is much more public awareness about how advanced and prevalent these phishing schemes have become. It’s also important to recognise the lengths these criminals will go to trick entrepreneurs, finance workers and vulnerable or elderly people into handing over PIN codes or transferring money to false accounts.”

The HMRC is reported to have received over 2.6 m phishing reports from the public since the 2016-17 financial year and with the support of the British National Cyber Security Centre (NCSC) the tax servive has been taking measure to improve resilience against these attacks.

HMRC Advice:

  • Recognise the signs - genuine organisations like banks and HMRC will never contact you out of the blue to ask for your PIN, password or bank details.
  • Stay safe - don’t give out private information, reply to text messages, download attachments or click on links in emails you weren’t expecting.
  • Take action - forward details of suspicious calls claiming to be from HMRC to phishing@hmrc.gov.uk and texts to 60599, or contact Action Fraud on 0300 123 2040 or use their online fraud reporting tool, especially if you suffer financial loss.
  • Check GOV.UK for information on how to avoid and report scams and recognise genuine HMRC contact.
  • If you think you have received an HMRC related phishing/bogus email or text message, you can check it against the examples shown in this guide.

HMRC:         Griffin Law:        Inforsecuity Magazine:       National Union of Students

You Might Also Read: 

The Most Common Cyber Attacks:

 

 

 

 

« AI Is Closing The Cyber Skills Gap
Teens Abandon TV and Take News On-Line »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Duane Morris LLP

Duane Morris LLP

Duane Morris is a global law firm with offices in the USA, UK and Asia. Practice areas include Cybersecurity.

Redicom

Redicom

Redicom is an independent consulting agency focusing on identity management, strong authentication and single-sign-on.

D3 Security

D3 Security

D3's Smart SOAR platform is at the forefront of the security automation revolution, helping clients around the world to rapidly identify, analyze, and resolve advanced threats.

Decision Group

Decision Group

Decision Group are a Total Solution Supplier offering Network Forensics and Lawful Interception tools.

National Cyber Security Centre (NCSC) - New Zealand

National Cyber Security Centre (NCSC) - New Zealand

The role of the NCSC is to help New Zealand’s most significant public and private sector organisations to protect their information systems from advanced cyber-borne threats.

Proton Data Security

Proton Data Security

Proton Data Security is a certified small business specializing in the design, manufacturing and sales of data security products for permanent erasure of hard drives, tapes and optical media.

ePlus

ePlus

ePlus designs and delivers effective, integrated cybersecurity programs centered on culture and technology, aimed at mitigating business risk and empowering digital transformation.

David Hayes-Export Controls

David Hayes-Export Controls

David Hayes-Export Controls provides assistance to companies affected by export controls or who are considering entering the market but are unsure of the commercial and regulatory implications.

Aries Security

Aries Security

Aries Security provides a premiere cyber training range and skills assessment suite and develops content for all levels of ability.

CYRISMA

CYRISMA

CYRISMA is a revolutionary cybersecurity platform that helps organizations manage risk without the usual headaches associated with enterprise cybersecurity tools.

DEFENTEK - National Security Informatics

DEFENTEK - National Security Informatics

Defentek (aka National Security Informatics) is a technology consortium covering a broad spectrum of intelligence computing solutions and interception technologies.

NI Cyber Security Centre

NI Cyber Security Centre

NI Cyber Security Centre works to make Northern Ireland cyber safe, secure and resilient for its citizens and businesses.

ProCheckUp

ProCheckUp

ProCheckUp is a London-based independent provider of cyber security services, including IT Security, Assurance, Compliance and Incident Response.

Zorus

Zorus

Zorus provides best-in-class cybersecurity products to MSP partners to help them grow their business and protect their clients.

Paragon Cyber Solutions

Paragon Cyber Solutions

Paragon Cyber Solutions provides specialized security risk management and IT solutions to protect the integrity of your business operations.

Astran

Astran

At Astran, we revolutionize data security by introducing a groundbreaking solution for data confidentiality headaches.