Scammers concocted a convincing replica of an HMRC Employer Bulletin in an increasingly sophisticated approach to phishing for personal information from businesses and accountants.
HMRC’s Employer Bulletin 46 and accompanying e-alerts are due to go out on 17 February. However, HMRC this week warned employers not to be tricked by a fake version of the e-alert that lures recipients into downloading a Trojan horse virus that can let hackers into the user's computer.
Criminals behind the scam circulated fake emails based on the usual HMRC e-alert wording to a list of likely recipients.
Instead of the usual URL link to the Employer's Bulletin, the email contains an infected zip file. Anyone receiving emails from the tax department is advised not to click any such attachment.
Apart from copying the format of the alerts, the scammers did not have access to any of HMRC's data, the department said.
“Figures show that there have only been around 20 cases reported so far, so we seem to have caught this one early,” HMRC said.
“The phishing team have instigated all their security processes. The security team have informed us that this is a criminal act and HMRC are not responsible. HMRC systems are not affected because of our firewalls.”
Earlier this month, similar phishing emails appeared in the guise of self assessment submission emails.
HMRC is not alone in being targeted by phishing attempts, as accountants with access to HMRC's online systems are very valuable targets for organised gangs.
AccountingWEB this week also saw comments purporting to be for a legitimate, well-known tax software website that redirected people to a fake portal that encouraged them to download a trial version. This, no doubt, would also have contained a virus, but we did not risk inspecting it more closely.
Some tips to avoid being scammed include:
- Never open file attachments (especially zipped ones) unless you know who is sending them to you and why
- Don’t click on links unless they are from a trusted source
- Have an up-to-date anti-virus programme and run scans frequently
- Use complex passwords and change them frequently
- If in doubt, pick up a phone and speak to someone at the organisation that claimed to have sent the email.
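The tell described above (a genuine e-alert carries a link, the fake carries a zip file) can be checked automatically at a mail gateway. The following is an added example, not HMRC or AccountingWEB code; the function names, keyword match, addresses and sample messages are constructed assumptions, and it judges attachments by content as well as by file name so a renamed zip is still caught.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

ARCHIVE_EXTS = (".zip", ".rar", ".7z", ".gz")
ZIP_MAGIC = b"PK\x03\x04"  # local file header that starts a non-empty zip

def claims_hmrc(msg):
    """True if the From header or subject presents the mail as an HMRC e-alert."""
    text = f"{msg.get('From', '')} {msg.get('Subject', '')}".lower()
    return "hmrc" in text or "employer bulletin" in text

def archive_parts(msg):
    """Names of leaf parts that are archives, judged by extension or content."""
    found = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename() or ""
        body = part.get_payload(decode=True) or b""
        if name.lower().endswith(ARCHIVE_EXTS) or body.startswith(ZIP_MAGIC):
            found.append(name or "(unnamed)")
    return found

def triage(raw):
    """Quarantine mail that claims to be HMRC yet carries an archive."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = archive_parts(msg)
    return ("quarantine" if claims_hmrc(msg) and hits else "deliver", hits)

def sample(body, attachment_name=None):
    """Build a constructed test message; the zip holds one harmless text file."""
    msg = EmailMessage()
    msg["From"] = "HMRC e-alerts <alerts@example.invalid>"
    msg["Subject"] = "Employer Bulletin 46"
    msg.set_content(body)
    if attachment_name:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr("readme.txt", "constructed sample, not malware")
        msg.add_attachment(buf.getvalue(), maintype="application",
                           subtype="octet-stream", filename=attachment_name)
    return bytes(msg)

if __name__ == "__main__":
    print(triage(sample("Read it at https://example.invalid/bulletin46")))
    print(triage(sample("See attached.", "Employer_Bulletin_46.zip")))
    print(triage(sample("See attached.", "Employer_Bulletin_46.pdf")))
```

A rule like this only covers the attachment variant; the fake-portal links mentioned above need separate URL checks.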
For more advice on dealing with phishing emails and fake portals, see "Revenue warns of tax return email scam".