We have encountered several instances of each of the following recently:
1) HMRC writing to our clients to say that someone has gained access to their self-assessment record fraudulently, and as a result their old SA record has been closed and a new record and UTR opened.
2) Tax returns being filed without knowledge of us or our clients claiming a refund to be paid to a nominees bank account
3) Long standing clients disappearing off our portal then when we check with HMRC, they say that we are not the agent on their records. The client denies all knowledge of changing agent and is as baffled as we are.
4) Letters from HMRC sent to clients to 'check a repayment claims', when as far as we are aware no repayment is due.
For years, we've had none of these events then all of a sudden they're appearing too often to be put down as just one of those things. I am beginning to suspect HMRC have suffered a data breach and agent authorisations are being changed, bogus repayment claims made and being sent out to the 'new' agent. Who else is experiencing this?
Replies (6)
Please login or register to join the discussion.
There's an increasing amount of this going on ... see https://www.accountingweb.co.uk/tax/personal-tax/taxpayers-duped-by-rogu... for a particularly egregious example recently.
Step 1 - warn your clients NOT to sign-up for any 'reclaim assistance' (it invariably lets rogues over-ride the system from then on)!
Sounds like a lot of lightening to strike one practice unless its quite large. I have a smallish sample size of 100 odd co. clients and 350 personal tax and nothing like this happen.
Is the data breach your side?
Are you sure there is no tracking software installed on your network? We have regular phishing attempts get mailed to us looking like a genuine enquiry of the 'please open the spreadsheet' type. That must be to get access. An IT specialist should be able to identify any odd usage of your network, 3am that type of thing.
Could it be closer to home and an ex-staffer with an axe to grind?
When did you last change all your log-ins?
We are the same size as you on companies and SA
I would agree your opinion on probable cause. Data breach at accountant end not HMRC
Definitely get a good IT expert to Fine comb looking at malware and the like
We recently had 2 people 'sign up' on a dubious website for marriage allowance claim but neither dislodged us as agents. One thinks they cancelled in time, the other just had a big fee and really does not want to talk about it
OP's example type 1 is the one I find most worrying (if only because I've not heard of it previously - although it could be the result of HMRC identifying any of the other types 2, 3 or 4).
The other 3 types are all reasonably common IF the client has signed up with one of those 'refund claim handlers'. Client may be too embarrassed to admit having done so, or may simply not realise that one action has led to all the other actions.
So, irrespective of the possibility of some data breach at OP's end (which would be serious so needs to be properly investigated AND improved procedures put in place for the future if necessary) ... I would always advise any practising member of this site to warn their clients (whether individually or via a newsletter or whatever) of the very real dangers if they sign anything with those rogues - even if client thinks it's just a one-off (and didn't want to bother you).