In the past two days I have received two e-mails purporting to come from "[email protected]", the latest one being:
These e-mails have been addressed to my firm's e-mail address.
Now I know that HMRC do not send attachments by e-mail, I have not filed any VAT returns today and that this is a different wording to the normal VAT return submission acknowledgement, but it could be very easy to mistake this for the real thing.
Please be aware of this kind of spam.
Replies (13)
Please login or register to join the discussion.
Me too
I just got one through reminding me to file an Employer Annual Return by 29th February 2014, the email then later mentions I need to send P35 and P14s in for 19th May!
The layout and wording looks similar to HMRC style reminders and this puported to come from [email protected], but hopefully no on the ball accountants would be fooled - 29th Feb 2014? P35/14s under RTI? Ha!
I could see some people who do their own payroll being fooled though.
I have just received this one, clearly incorrect information
Employer Annual Return
Employers must file their Employer Annual Return (P35 and P14s) for 2013-14 online to reach us by 29 February 2014. We strongly recommend that you file your return online, as soon as it is ready.
Don’t forget, Extra Statutory Concession B46 came to an end in 2011 so the period of grace no longer applies. To avoid penalties, file your Employer Annual Return (P35 and P14s) online and file as soon as you can before 19 May 2013.
Please complete all relevant sections of the attached application form and attach the appropriate documents.
Reply to this email as this mailbox is monitored for incoming mail.
This one turned up
at a home email address with the ZIP attached. Just told Mailwasher to kill it
Employer Annual Return
Employers must file their Employer Annual Return (P35 and P14s) for 2013-14 online to reach us by 29 February 2014. We strongly recommend that you file your return online, as soon as it is ready.
Don’t forget, Extra Statutory Concession B46 came to an end in 2011 so the period of grace no longer applies. To avoid penalties, file your Employer Annual Return (P35 and P14s) online and file as soon as you can before 19 May 2013.Please complete all relevant sections of the attached application form and attach the appropriate documents.
Reply to this email as this mailbox is monitored for incoming mail.
The legitimate one ...
... comes from "[email protected]" with a subject "RTI-Making final submissions for the 2013-14 tax year [87] [Protective Marking: UNCLASSIFIED]" and a .doc attachment.
It also contains a final sentence "This e-mail may have been intercepted and its information altered."
Make of that what you will!
@Euan and Canary boy I was just debating that one with my assistant. The conclusion was "lets not take the risk, eh, I don't want to spend the next 24 hours testing out backup procedures"
Go on - take the risk!
@Euan and Canary boy I was just debating that one with my assistant. The conclusion was "lets not take the risk, eh, I don't want to spend the next 24 hours testing out backup procedures"
I have and our office network is still working fine. How could an e-mail with such a tortuous subject and file name be from anyone other than HMRC? As I said before, the document give 3 pages of useful advice if you run payrolls.
There is a difference between genuine and scam and that is the genuine one has a word file attached and the scam one has a zip file.
All these current scams seem to have zip files and are worth deleting unless you're very sure they're genuine.
We haven't had one of these for ages
(I feel quite ignored) but would running a virus scan on the email and zip files reveal dodgy ones?
Depends upon AV software
A recent scan of one of these .zip attachments using (1) Bullguard and (2) Trend Micro failed to flag an issue.
Mailguard has been a bit hit and miss in recent weeks in identifying what it says (if dodgy) "banned part".
Intuitive software has been unintuitive (no more than a placebo software "solution" maybe) and a request for support using the support link on their webpages received no response. I am told that as a user I am expected to "train" this (un)intuitive software as to what is / what what is not spam. There have been instances of eMails not being received here by colleagues, suspicion being that (un)intuitive has held them back - problem is that cannot see what (un)intuitive has held back / blocked as incoming eMails. As already stated the helpline was eMailed (sdome weeks ago) and no response from (un)intuitive.
OK I'm not
as yellow as my name suggests!
I've opened it, printed it, and will read it later. Thanks Euan.
Help if you opened the attachment ...
Have a look at - https://www.malwarebytes.org/
Good to run this periodically anyway on your pc