Rob hyrons - Fotolia
HMRC has issued a warning to those who file Self Assessment tax returns as the annual return deadline of 31 January nears, saying that cyber criminals are taking advantage of its reminder SMS messages and emails to trick taxpayers out of their money.
Fraudsters frequently exploit HMRC branding in scams, and in the past 12 months alone, the department has dealt with almost 850,000 referrals of suspicious HMRC contact from the public and had over 15,500 malicious web pages taken down by internet service providers.
Many of the scams purport to be information about a tax rebate or refund due to the target – nearly 500,000 of these were reported in the past year – and will often use language specifically intended to convince them to give up personal information, in particular their bank details, in order to claim the money owing. Needless to say, there is no rebate or refund – the criminals will use this information to access their victims’ bank accounts.
HMRC’s interim director general for customer services, Karl Khan, said: “We know that criminals take advantage of the Self Assessment deadline to panic customers into sharing their personal or financial details and even paying bogus ‘tax due’.
“If someone calls, emails or texts claiming to be from HMRC, offering financial help or asking for money, it might be a scam. Please take a moment to think before parting with any private information or money.”
At the same time, HMRC is warning the public to be hyperaware of websites that charge for government services that are in fact free, such as sites offering assistance in claiming tax refunds or filing returns for a price – these can be completed and filed online and help and support is also available from HMRC.
HMRC advises those who have received a communication to take a moment to think before parting with any personal data or money, to never give out information or respond to unsolicited texts, download attachments, or click on links in emails. It is also important to remember it is entirely appropriate to reject, refuse or ignore any requests, only criminals will try to rush or panic you into a response.
Read more about fraud
- Erratic tech baron John McAfee allegedly promoted initial coin offerings without disclosing he was being paid to do so.
- As the coronavirus pandemic has forced more businesses online, e-commerce fraud has spiked. AI fraud detection and prevention tools, however, can help merchants.
- A roaring underground trade in stolen identities is undermining the Universal Credit system and could potentially defraud it out of millions of pounds.
Pauline Smith, head of Action Fraud, said: “Criminals are experts at impersonating organisations that we know and trust. We work closely with HMRC to raise awareness of current scams and encourage people to report any suspicious calls or messages they receive, even if they haven’t acted on them, to the relevant channels.
“This information is crucial in disrupting criminal activity and is already helping HMRC take down fraudulent websites being used to facilitate fraud.
“It’s important to remember if you’re contacted out the blue by someone purporting to be from HMRC asking for your personal or financial details, or offering you a tax rebate, grant or refund, this could be a scam. Do not respond, hang up the phone, and take care not to click on any links in unexpected emails or text messages. You should contact HMRC directly using a phone number you’ve used before to check if the communication you have received is genuine.
“If you’ve been the victim of fraud, contact your bank immediately and please report it to Action Fraud online at actionfraud.police.uk or by calling 0300 123 2040.”
HMRC also operates an inbox for people to report suspicious emails to, at [email protected], while SMS messages should be forwarded to 60599.
Read more on Hackers and cybercrime prevention
GDPR tax reclaim scheme preys on fears of SMEs
Prime minister Rishi Sunak faces pressure from banks to force tech firms to pay for online fraud
TSB calls on Meta to intervene and protect users from fraud losses of £250m this year
Lloyds Bank calls on tech companies to control social media ‘wild west’