HMRC reports 'prolific' tax rebate phishing scams

News by SC Staff

Reports of phishing scams that claim to be from HMRC have already claimed thousands of victims.

Reports of phishing scams that claim to be from HMRC have already seen thousands of victims receive emails.


With the deadline for self assessment tax returns looming at the end of January, HMRC has claimed that it is ‘aware of a high number of emails being sent out offering a tax rebate' and that ‘HMRC would not inform customers of a tax rebate via email, or invite them to complete an online form to receive a rebate of tax'.

HMRC chief executive Lesley Strathie claimed that this was the most 'sophisticated and prolific phishing scam that we have encountered. I would strongly encourage anyone receiving such an email to send it to us for investigation'.

HMRC has repeatedly been the subject of phishing emails, with reports made of HMRC Impersonation Phone Calls, an email from the ‘Customs Service', phone calls offering tax rebates and a fake P86 form that asks for personal information from taxpayers employed outside the UK.


Michael Foreman, managing director of AVG Technologies, said: “Sensitive personal information is very rarely requested via email. If you aren't sure, find out and type the URL manually instead of following links from suspect emails.


“An up-to-date internet security suite with spam filter is essential because it stops this kind of fraudulent email from ever reaching your inbox. However another important line of defence against this kind of scam is knowledge.”


Richard Turner, CEO of Clearswift, said: “Fraudsters are using sophisticated techniques to make these scam emails appear genuine – they target people through their work email addresses and include information such as a direct dial telephone number or job title.


“By making the emails seem legitimate rather than looking obviously like spam, they're hoping people will disclose their bank details and personal information. Users of social networking sites regularly display birth dates, email addresses, job titles as well as information about where they live and their family, friends and work colleagues – all of which can be used in a phishing scam such as this to make the scam email appear more credible.”


Graham Cluley, senior technology consultant for Sophos, said: “The phishing attacks have been seen arriving from faked addresses such as or, and the fact that it is being seen so much now is no surprise. January 31st is the deadline for self-assessment forms to be filed with HMRC, and some taxpayers will be hoping for a rebate.


“Of course, for many people it's a dream come true to think that they might actually be getting some money back from the tax man rather than having to give money to the Inland Revenue, so it's not surprising if people might eagerly click on the link without thinking of the possible consequences. What's that old saying? In this world nothing can be said to be certain, except death and taxes? Maybe they should add a third certainty: phishing.”




Greg Day, security analyst for McAfee said: “What separates these scams from phishing attacks of the past is their attention to detail with structure, correct grammar and the professional appearance of illegitimate website.

“This level of attention to detail is something that we saw increasingly last year and sets the tone for spam in 2009. As the recession takes its toll on many people across the UK and beyond, and as finances become even more stretched, people are becoming more susceptible to such scams. Cybercriminals have changed their approach and are targeting individuals for smaller gains with a greater success rate which over an extended period can result in equivalent financial gains to the larger quick-wins.”


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews