Ignore email scams promising fake HMRC tax refunds
Scammers are targeting self assessment taxpayers by email claiming they are entitled to tax refunds and asking for bank details to transfer the money
18 Feb 2019
This comes just weeks after the filing deadline for self assessment tax returns on 31 January.
The scam phishing emails are being sent from verio.net domain names and contain endless hash tags and requests for bank information, addressed to ‘user HMRC taxpayer’.
However, they do cite a random, fabricated UTR number – the unique taxpayer reference numbers issued by HMRC – as well as a refund number, tax reference and transaction number, as well as a generated password to activate the refund.
All of this information is fake and it is important to not open the attachment accompanying the email, which contains the virus but purports to provide information about how to claim the refund.
The attachment is a clear giveaway, with a file name of Zero-Hour Auto Purge.
Sample email content
:##:-USER HMRC TAXPAYER.
:##:-You will find attached to this email a short guide document.
:##:-Please read this guide carefully
File password is 3399
:##:-Transaction reference is 42755 45415
:##:-Issuing Date: February-15 , 2019
Mobile phone scams
At the same time, phone scammers are also targeting UK taxpayers by mobile phone and appear to be accessing company mobile phone numbers.
In this instance, mobile users receive bogus calls from a number impersonating HMRC.
The best advice is to never provide personal details when receiving such calls, hang up immediately and ring the official HMRC helplines to check on any tax issues.
HMRC official advice states that ‘you’ll never get an email, text message or phone call from HM Revenue and Customs (HMRC) which:
- tells you about a tax rebate or penalty;
- asks for your personal or payment information’.
Check HMRC’s guidance on recognising scams if you’re not sure.
Alway report something suspicious to HMRC’s phishing team, for example:
- a text message (forward it to 60599 - charged at network rate);
- an email;
- details of a phone call asking for personal information or threatening a lawsuit.
If you receive a suspicious phone call, email the following details to the HMR phishing team email@example.com providing:
- your phone number;
- caller’s phone number;
- time and date of call;
- brief description of call.
Report by Sara White