Some 74,743 scam emails were reported to HMRC’s dedicated phishing email account between
April and September – a 70% increase on the same period in 2013. Over the same six month period, HMRC worked with other law enforcement agencies to help close down more than 4,000 websites responsible for sending out the emails.
The emails promise a tax refund, and often ask for a recipient’s name, address, date of birth, bank and credit card details – including passwords and their mother’s maiden name. Once the victim has provided the information, money is stolen from their bank account and their details are sold on to other criminal gangs, which can lead to identity theft.
Steve Singh, Deputy Head of Operations, HMRC Digital Security, said:
“HMRC never contacts customers who are due a tax refund by email – we always send a letter
through the post.
“If you receive an email which claims to be from HMRC, and which offers you a tax refund, we recommend you send it to firstname.lastname@example.org and then permanently delete it. We can, and do, close these websites down and we continue our efforts to work with law enforcement agencies around the world to bring down the criminals behind these scams.”
HMRC asks people to:
- Check http://www.hmrc.gov.uk/
security/advice.htm for its online security advice
- Check to see examples of phishing emails online at http://www.hmrc.gov.uk/
- Forward suspicious emails to HMRC at email@example.com and then delete them
- Avoid clicking on websites or links in suspicious emails, or opening attachments.
Further advice can also be found at http://www.getsafeonline.co.