UK TAXPAYERS are being warned about fraudsters who are masquerading as HMRC to trick people into thinking they have received a tax rebate.
The tax authority said that online criminals are using email and text messages to lure unwitting members of the public into revealing their bank account information.
“HMRC only informs you about tax refunds through the post or through your pay via your employer,” warned Treasury minister Mel Stride.
“All emails, text messages, or voicemail messages saying you have a tax refund are a scam.”
She advised that anyone who received such emails do not click on any links in these messages and instead forward them to HMRC’s phishing email address and phone number.
Eyal Benishti, CEO and Founder of phishing prevention company, Ironscales, said he doesn’t find it surprising to see HMRC issuing such warnings as phishers are becoming increasingly sophisticated in their spoofing and impersonation techniques.
“HMRC is one brand that continues to be plagued by scammers trying to abuse its position of trust, to spoof customers into handing over their personal information,” Benishti explained.
“Although they have tried to stamp out this nefarious activity by increasing cyber security efforts […] HMRC continue to see the brand spoofed by criminals, resulting in unsuspecting victims being conned out of cash.”
HMRC implemented a security technology called DMARC, which stands for “Domain-based Message Authentication, Reporting and Conformance” in 2017.
The tool is an email authentication, policy, and reporting protocol that is said to have tackled the threat of phishing emails head-on and reduced the number of attempts to scam taxpayers by 300 million in 2016.
However, Benishti says DMARC is “not a silver bullet” in protecting against phishing threats such as the fake tax refund emails.
How a geeky kid making games in his mum’s house went on to create Fortnite
CORE OF THE PROBLEM?
Apple engineer says pressure to design iPhone is reason I’m divorced
Google Maps to use 3D directions in Street View to ensure you never get lost again
Beware this new WhatsApp ‘text bomb’ – messaging bug crashes your smartphone
New Facebook Messenger bug that steals your passwords on the loose
“It is time to think about email security differently,” he explained.
“Instead of the focus being completely on preventing messages getting into mailboxes, take a bottom-up approach and focus efforts on the Mailbox. After all, that’s where the threat is either realised or quashed.”
This could be done using machine learning algorithms and deep scans in the mailbox itself, which would work to ensure better phishing detection.
“With mailbox-level email security, organisations can detect phishing attacks that make it through secure email gateways, and subsequently alert users through inline messages to mitigate and remediate the threat as soon as possible,” Benishti added.
- Revenue Commissioner issues warning about latest phishing scam targeting Irish public
- Cyber criminals target motorists with fake DVLA phishing e-mail promising £240 tax refund
- Beware of the NatWest text message scam that gives fraudsters access to YOUR cash
- Tesco Bank customers warned about further email, text and phone call scams as fraudsters may target them again
- Pay your tax NOW or face a fine. HMRC sends ‘threatening’ texts to taxpayers
- Beware Of New IRS Impersonation Email Scam
- Car tax scam tries to trick people into opening this email and handing over their bank details
- Revenue Commissioners issue warning to the public after reports of new ‘muffled voice’ phone scam
- NatWest Bank customers warned about fake email scam that leads users to lookalike website
- What is ‘smishing’, who has been scammed and how can you protect yourself from SMS phishing cons? Here’s all you need to know
- Officials warn of more advanced phishing scams at Temple
- Bogus check scam hits Big Island mailboxes
- Are you a Lloyds bank customer? Watch out for this ‘impressive’ scam that could catch you out
- Holiday car-hire firm Goldcar slammed for ‘scamming’ Brits across Europe… and here’s how YOU can avoid becoming a victim
- 281 alleged email scammers arrested in global crackdown
- WhatsApp warning as scammers trick users with fake ‘subscription’ texts in a bid to collect bank details
- WhatsApp users targeted by a scam offering fake £100 voucher – how to protect yourself
- The tax dodge parasites: Billions "leached" as Lewis Hamilton, Apple and three Mrs Brown's Boys stash cash offshore
- Whatsapp warning as scammers use fake ‘subscription notification’ texts to snare victims
- Call for Action helps customer get $1,200 refund from The Dump
HMRC warns of surge in tax refund scam emails and text messages have 760 words, post on www.thesun.co.uk at May 9, 2018. This is cached page on Game Breaking News. If you want remove this page, please contact us.