Don’t be a victim of Phishing!

HMRC Scam Alert

Updated on July 4th 2019

We have recently had a few calls from clients who received phone calls allegedly from HMRC, telling them that there was a warrant out for their arrest since they haven’t paid their taxes. They then go on to request the listener to pay an amount of tax that they owe.

Just to make things clear, this is a well-known scam, targeting UK businesses for the past year or so.

But what can you do if you have been contacted in such a manner:

First – do not provide any of your personal or business details!

Second – if you’re still unsure about the legitimacy of the source who contacted you, call the HMRC service centre to verify this specific communication.

Third – if you’re a Clever Accounts client you could always discuss this with your dedicated accountant.

 

Phishing scams and emails have been around since the beginning of the internet. The term “Phishing” is broadly defined as an “email attempting to trick you into providing personal or business financial and sensitive information”. These attacks are normally carried out by hackers and fraudsters, who can be based anywhere in the world.

We strongly advise that every email is vetted to confirm the validity of the information being requested. Often phishing emails can appear almost identical to an organisation’s own correspondence and are very difficult to spot.

The following tips may help you stay that little bit safer online.

Who has sent you the email?

It is often as simple as checking the sender’s address and confirming this is one that you recognise. If you don’t recognise it, please contact the sender using your normal methods and verify the authenticity.

What is being requested and why?

Consider where an email is requesting sensitive information from you, such as from a bank or HMRC. Banks and government bodies will generally never request sensitive information through email but prefer to write or discuss over the phone. If it is a genuine source, consider if they already have this information or if it can be provided in another manner such as in writing, in branch or through your accountant.

Does the email contain grammatical or formatting errors?

These are red flags when it comes to phishing and is often the result of overseas scam operations or targeted attacks. A genuine organisation is less likely to make simple errors or change their email design without advance warning.

Does the email include threats requiring immediate action?

Successful phishing attacks often rely on the subject not fully considering the actions of the information that they are providing. If the email contains a request for immediate action, it is worth reviewing previous correspondence to verify why.

Are your details correct?

Confirm the email is addressed to you and the details included are relevant to your situation.

Further reading and advice

Please leave a comment if you’ve been the victim of a phishing scam detailing what happened, what you did and how it was resolved. If you have any further tips or advice you think others may benefit from, please provide.

You can find further links and advise below:

Citizens Advice https://www.citizensadvice.org.uk/consumer/scams/scams/common-scams/computer-and-online-scams/phishing-spam-emails-and-fake-websites/

Advice and Reporting Fraud to HMRC https://www.gov.uk/report-suspicious-emails-websites-phishing

Reporting Fraud to Companies House https://www.gov.uk/government/publications/reporting-fraud-about-a-company-to-companies-house/reporting-fraud-to-companies-house

Posted by David Crossley