Employers targeted in new HMRC phishing twist

Kashflow logo
Share this content

Scammers concocted a convincing replica of HMRC's most recent Employer Bulletin in an increasingly sophisticated approach to phishing for personal information from businesses and accountants.

HMRC’s Employer Bulletin 46 and accompanying e-alerts are due to go out on 17 February. HMRC this week warned employers not to be tricked by a fake version of the e-alert containing false links designed to lure the recipients into downloading a Trojan horse virus that can give them access to the user's computer.

Criminals behind the scam circulated fake emails based on the usual HMRC e-alert wording to a list of likely recipients. 

Instead of the usual URL link to the Employer's Bulletin, the email contains an infected zip file. Anyone receiving emails from the tax department is advised not to click any such attachment.

Apart from copying the format of the alerts, the scammers did not have access to any of HMRC's data, the department said...

Please Login or Register to read the full article

The full article is available to registered AccountingWEB.co.uk members only. To read the rest of this article you’ll need to login or register. Registration is FREE and allows you to view all content, ask questions, comment and much more.

About Rachael Power

Your friendly, neighbourhood community editor. 

Twitter: @rachpower10 


Please login or register to join the discussion.

07th Feb 2014 08:37

Zip attachements

I am being constantly targeted by these sorts of emails and I am not sure how to stop it.  Every day emails from HMRC like the above, or now payroll RTI submissions, companies house reports, invoices from various companies - all zip files.  It is like I am being targeted by these gangs.

Luckily I have a good anti virus and never open these files.

I however must be the tip of the iceberg and I am guessing these gangs are so big; nothing can be done about them. 

I have read how one virus infects your computer but encrypting all your files.  Only by paying a fee can you get them back.  I wonder how many people have fallen for this and have probably not mentioned anything due to feeling embarrassed.

It seems this is huge organised crime that is being swept under the carpet at the moment.



Thanks (0)