Phishing scams jump as HMRC tax deadlines close


Phishing scams jump as HMRC tax deadlines close

Warwick Ashford

Criminals are likely to target UK taxpayers with phishing e-mails as tax and tax credit deadlines loom in July, warns security firm Trusteer.

Tax-related phishing e-mails are twice as successful as bank phishing attacks, the firm's research has revealed.

A recent analysis of a UK-specific botnet showed the operators are looking for login credentials for the HMRC website, said Mickey Boodaei, chief executive at Trusteer.

"There are various tax and VAT-related scams that fraudsters can run against you once they have access to your HMRC login information," he said.

The phishing e-mails will typically promise taxpayers refunds and invite them to enter their banking details on a fake HMRC web page.

The details are then harvested by the criminals and used to commit fraud.

Mick Paisley, head of information security and business resilience for Santander, said the nature and timing of this phishing makes it hard for people to ignore.

For this reason, Santander is offering Alliance & Leicester internet banking customers a free download of Rapport software from Trusteer to protects users from sharing their banking details with fraudsters.

The software, which is to be made available to all Santander customers, also allows banks to take aggressive action to take down these criminal sites as quickly as possible, he said.

The Rapport software is also available from HSBC, NatWest, RBS and other banks to monitors phishing attacks against online bankers and block them.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy