In May this year, the number of phishing emails recorded was 11,219 - 131% higher than the same month a year earlier, HMRC said.
HMRC said it closed 1,740 illegal sites in 2013, most originating in Turkey, Spain and Bulgaria. Phishing emails also came from the UK and USA.
Phishing emails often promise money back and, if the recipient clicks on a link, they are taken to a fake replica of the HMRC website. They are then asked to provide credit or debit card details or other sensitive information such as passwords. The fraudsters then try to take money from their account.
They often ask for the recipient’s name, address, date of birth, bank account number, sort code, credit card details, national insurance number, passwords and mother’s maiden name.
In addition to money being stolen from victims’ bank accounts, their personal details can be sold to criminal gangs, leading to possible identify theft.
Nick Lodge, director general of benefits and credits at HMRC, said: “HMRC will never ask people to disclose personal or payment information by email. We are committed to claimants’ online security but the methods fraudsters use to get information are constantly changing, so people need to be alert.”
HMRC is asking people to be wary of e-mails with attachments which might contain viruses designed to steal personal or financial information, and not to open them.
One scam is contained in an email circulated from[email protected] telling recipients about a 2013 tax refund report. The email appears to have been issued by “Tax Credit Office Preston”, but it is a scam. It includes an attachment that contains a virus. Recipients are urged not to respond and to delete it immediately.