Gateway Account Fraud Attempt?

You have requested a code you can enter on the Government Gateway screen to confirm your email...

Didn't find your answer?

Three of the people here in our office received emails last night from [email protected] with the six character codes sent out when you set up a new Gateway account and the system needs to confirm the email address you're using is one to which you have access. I don't think these codes get sent at any other time, the email says specifically it's for confirming your email address.

They were sent overnight, in the middle of the night, multiple times to each of the people who received them and this morning two clients have called to tell us they've also received some. Has anyone else seen this?

I'm struggling to work out if this is some sort of fraud and, more perplexingly, if it is a fraud what could be gained by setting up a new Gateway account using someone else's email address. The Gateway account itself affords no access, services need to be added to them for which you need additional access and information, you can't get access to anything just by using someone else's email address.

It's hard to imagine how else this could come about though, it seems like it must be either some kind of fraud attempt or some sort of system glitch at HMRC, and if the latter I would expect others on here to have received the same, so does anyone have any light they can shed on this? Any ideas either on the cause of this, the reason behind it, what might be gained from a fraud of this sort or any other explanations for what we've seen?

Replies (10)

Please login or register to join the discussion.

Replying to Wanderer:
By Duggimon
29th Nov 2023 11:15

Thanks for this, the timing does suggest a link however I'm pretty sure this is not the same issue. I've set up enough gateway accounts to be fairly sure these emails are not 2FA for logging in (like the texts mentioned in the OP) but are email verification for new accounts.

On reflection though, if it's a system glitch then it could indeed be the same issue and the authentication server is sending out both spurious 2FA texts and verification emails. I suppose that's somewhat reassuring.

Thanks (1)
By pauld
29th Nov 2023 11:09

I think its a widespread issue. There is another post on this today. Not sure what the cause is though.

Thanks (1)
By lesley.barnes
29th Nov 2023 12:04

I've had an email from a client who said that they had 6 emails with codes on them for her Gateway and had I been trying to access her account. I explained that I have my own agent account so didn't know her Gateway details and I didn't need it.

Someone on another forum has posted this below. There is also something on X about it from HMRC. I don't have an account so I can't see the contents.

"HMRC is aware of several customers receiving multiple unexpected emails regarding this issue which is currently being investigated.

If you have clicked on any links, or opened any attachments, we recommend you run your antivirus software as a matter of urgency and update any relevant passwords.

If you have disclosed any personal details to this scam, please forward a report to us at [email protected].”

Thanks (3)
Replying to lesley.barnes:
By FactChecker
29th Nov 2023 12:16

Whilst I don't tend to assume basic competence or accuracy when reading HMRC communications ... that suggests they think anyone who clicks on the link in the unsolicited email will cause some sort of virus/malware to be downloaded to their device.

So the key feedback (which shouldn't in this day and age need repeating) is ... if you don't know the sender or have reason to be suspicious then do NOT click on any links within the email/message.

Thanks (4)
Replying to lesley.barnes:
By lionofludesch
29th Nov 2023 12:50

lesley.barnes wrote:
There is also something on X .....

No need to pander to Elon Musk's over-inflated ego.

Thanks (2)
Replying to lesley.barnes:
By rmillaree
29th Nov 2023 13:53

"which is currently being investigated."

what is most unhelpful is hmrc inability to see if they have sent out communication or not - strewth. If they are making peeps panic over nowt by sending stuff in error the least they can do is give timely update ref facts

whats even more worrying is them telling peeps to ignore what appears to be a hacking attempt - unbelievable - what happens if someone has had hacking attempt should they really ignore it ?

"we are aware this is happening, and we are investigating. If you've not requested access to an account, you can ignore the messages. "

Thanks (3)
By K81
29th Nov 2023 13:14

yes, we have had clients receive these e-mails, sent around midnight last night. I had not considered it may be HMRC glitch.

Thanks (1)
By The Rogue
29th Nov 2023 16:23

I had six of these. There are no links in them to click on to get any malware.

Thanks (1)
By Duggimon
29th Nov 2023 19:40

Thanks all, it's always reassuring when these things pop up to be able to come on here and confirm it's not just us, appreciate the replies.

Thanks (0)