Phishing Scams: UK Tax Service Issues A Warning

The volume of smishing reports increased by 56% to reach 57, 579 while the number of phone scams reported by the public jumped by a staggering 234% to reach 195, 720 in 2019.  The volume of fake UK Tax Service (HMRC) phishing emails reported by the British public has fallen sharply over the past two years, whilst over the same period reports  of tax related to SMS tesxt and phone-based scams has  increased.

The leading UK legsl fim Griffin Law obtained the figures from the UK HMRC under a freedom of information request related to their suspicious tax email referral service and it doesn’t provide a full picture of the scale of the phishing threat facing Brirish taxpayers, it does give useful insight into general trends.

From January 1 2018 to December 31 2019 there were a total of over 1.5 million reported scams. Although the vast majority (77%) of attacks came via email, the volume actually dropped by 60% between 2018 and 2019.

That could partly be explained by greater public awareness of such scams, but also seems to show an increasing willingness on the part of fraudsters to use different communications methods to trick taxpayers. “It’s no surprise that cyber-criminals see impersonating HMRC through fraudulent phishing schemes as an easy route to securing cash pay-outs from unsuspecting victims", Chris Ross SVP of network security company Barracuda Networks speaking to Infosecurity Magazine.

“Moving forward, it’s vital that there is much more public awareness about how advanced and prevalent these phishing schemes have become. It’s also important to recognise the lengths these criminals will go to trick entrepreneurs, finance workers and vulnerable or elderly people into handing over PIN codes or transferring money to false accounts.”

The HMRC is reported to have received over 2.6 m phishing reports from the public since the 2016-17 financial year and with the support of the British National Cyber Security Centre (NCSC) the tax servive has been taking measure to improve resilience against these attacks.

HMRC Advice:

  • Recognise the signs - genuine organisations like banks and HMRC will never contact you out of the blue to ask for your PIN, password or bank details.
  • Stay safe - don’t give out private information, reply to text messages, download attachments or click on links in emails you weren’t expecting.
  • Take action - forward details of suspicious calls claiming to be from HMRC to phishing@hmrc.gov.uk and texts to 60599, or contact Action Fraud on 0300 123 2040 or use their online fraud reporting tool, especially if you suffer financial loss.
  • Check GOV.UK for information on how to avoid and report scams and recognise genuine HMRC contact.
  • If you think you have received an HMRC related phishing/bogus email or text message, you can check it against the examples shown in this guide.

HMRC:         Griffin Law:        Inforsecuity Magazine:       National Union of Students

You Might Also Read: 

The Most Common Cyber Attacks:

 

 

 

 

« AI Is Closing The Cyber Skills Gap
Teens Abandon TV and Take News On-Line »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Veridify Security

Veridify Security

Veridify Security (formerly SecureRF), develops and licenses quantum-resistant, public-key security tools for the low-resource processors powering the Internet of Things.

Proofpoint

Proofpoint

Proofpoint provide the most effective cybersecurity and compliance solutions to protect people on every channel including email, the web, the cloud, social media and mobile messaging.

Information Technology & Cyber ​​Security Service (STISC) - Moldova

Information Technology & Cyber ​​Security Service (STISC) - Moldova

STISC is a public institution whose purpose is to ensure the administration, maintenance and development of the information technology infrastructure in Moldova.

Brainloop

Brainloop

Brainloop's security architecture enables you to work on and distribute strictly confidential documents both within and beyond the firewall.

iONLINE

iONLINE

iONLINE delivers high quality IT services and solutions to businesses in Azerbaijan.

Sectigo

Sectigo

Sectigo is a leading cybersecurity provider of digital identity solutions, including TLS / SSL certificates, DevOps, IoT, and enterprise-grade PKI management, as well as multi-layered web security.

Cybersecurity Coalition

Cybersecurity Coalition

The mission of the Cybersecurity Coalition is to bring together leading companies to help policymakers develop consensus-driven policy solutions to achieve improvements in cybersecurity.

Northcross Group (NCG)

Northcross Group (NCG)

NCG provides services to help organizations meet the challenges of regulatory compliance. Our services include support, consultation, tools and accelerators for all parts of an organization.

VirtualArmour

VirtualArmour

VirtualArmour is a managed security services provider with global reach and local attitude.

Next Peak

Next Peak

Next Peak provides cyber advisory and operational services based on deep business and national security experience, thought leadership, and a network of front-line defenders.

Kingston Technology

Kingston Technology

Kingston is a leading global manufacturer of memory and storage solutions including encrypted storage solutions to protect data inside and outside the firewall.

Aravo Solutions

Aravo Solutions

Your Extended Enterprise is full of hidden risks – Aravo makes them visible, measurable, and manageable.

Globesecure Technologies

Globesecure Technologies

Globesecure Technologies is a networks and cyber security company. We are here to resolve business security challenges and secure the digital transformation journey of our clients.

COPA-DATA

COPA-DATA

COPA-DATA is the only independent software manufacturer to combine in-depth experience in automation with new possibilities of digital transformation – reliable, future-proof and operating worldwide.

The Purple Guys

The Purple Guys

The Purple Guys offer Trouble-Free IT Support to businesses across the Central and Southern US. Safe and Secure, Rapid Response, Friendly Support that’s our Purple Promise.

ABPSecurite

ABPSecurite

ABPSecurite is a leading value-added distributor and a network performance solutions provider.