Fraudulent emails offering refunds of overpaid tax have surged by nearly 50% in the past year, according to a report by Accountancy Age. Customers reported 23,347 phishing emails to the British tax authorities in the three months before the deadline.
Fraudulent emails offering refunds of overpaid tax have surged by nearly 50% in the past year, according to a report by Accountancy Age. Customers reported 23,347 phishing emails to the British tax authorities in the three months before the deadline for British self-employed taxpayers – a rise of 47% year-on-year.
During the past year, 91,000 phishing emails were reported to HMRC – which last month closed 178 websites it found were the source of the emails, a rise from 65 in 2013. The tax authority released a detailed warning describing the scams this month.
The emails look ‘convincingly real’ according to the Financial Times’ report. The paper says that the emails are used to harvest details such as dates of birth, bank account numbers and passwords.
The Guardian reports that the emails often begin with sentences such as, “We have reviewed your tax return; according to our calculations of your last year’s accounts a tax refund of XXXX is due”, and requests details including the sender’s mother’s maiden name. The emails appear to originate from addresses such as email@example.com.
Gareth Lloyd, HMRC’s head of digital security, said: “HMRC never contacts customers who are due a tax refund via email – we always send a letter through the post … We can, and do, close these websites down, and do all we can to ensure taxpayers stay safe online by working with law enforcement agencies around the world to target the criminals behind these scams.”
Scams timed to coincide with tax deadlines are common around the world. Last year, We Live Security reported on a spyware campaign in Slovakia timed to ‘cash in’ on a deadline for tax returns.
ESET’s Robert Lipovsky wrote, “Whilst this was mostly a local attack, the case demonstrates how effective and dangerous such social engineering attacks can be in general when trending topics, or other credibility-adding-tricks, are used.”