Bogus HMRC emails

This is becoming an increasing problem. Fraudsters entice you to claim a tax refund online and “for security reasons” or similar ask you to provide personal information to them to verify your claim. Here is some useful guidance which is taken directly from the real HMRC.gov.uk website to help ensure you are not caught out online:

How to tell if an email is fraudulent
As well as spelling mistakes and poor grammar, there are a number of things you can look out for to help you recognise a phishing or bogus email.

Incorrect ‘from’ address
Look out for a sender’s email address that is similar to, but not the same as, HMRC’s email addresses. Fraudsters often have email accounts with HMRC or revenue names in them (such as ‘refunds@hmrc.org.uk’). These email addresses are used to mislead you.

However be aware, fraudsters can falsify (spoof) the ‘from’ address to look like a legitimate HMRC address (for example ‘@hmrc.gov.uk’).

If you’re not 100% sure that the message has come from us, don’t open it. If you do open the email and you’re in doubt don’t click on any links or downloads.

Personal information
Emails from HMRC will never;

  • notify you of a tax rebate.
  • offer you a repayment.
  • ask you to disclose personal information such as your full address, postcode, Unique Taxpayer Reference or details of your bank account.
  • give a non-HMRC personal email address to send a response to.
  • ask for financial information such as specific figures or tax computations, unless you’ve given us prior consent and you’ve formally accepted the risks.
  • have attachments, unless you’ve given prior consent and you’ve formally accepted the risks.
  • provide a link to a secure log in page or a form asking for information - we’ll ask you to log on to your online account to check for information instead.

Urgent action required
Fraudsters ask for immediate action. Be wary of emails containing phrases like ‘you only have 3 days to reply’ or ‘urgent action required’.

Bogus websites

Fraudsters often include links to webpages that look like the homepage of the HMRC website. This is to trick you into disclosing personal or confidential information. Just because the page may look genuine, doesn’t mean it is.

Bogus webpages often contain links to banks or building societies, or display fields and boxes requesting your personal information such as passwords, credit card or bank account details.

You should be aware that fraudsters sometimes include genuine links to HMRC webpages in their emails, this is to try and make their emails appear genuine.

Common greeting

Fraudsters often send high volumes of phishing emails in one go, so even though they may have your email address, they seldom have your name. Emails from HMRC will;

  • usually use the preferred name you’ve provided to us, where you’ve signed-up to HMRC subscription services for example.
  • always include information on how to report phishing emails to HMRC.

Attachments

Be cautious of attachments to any emails form an unknown source as these could contain viruses designed to steal your personal information.
For more information on the subject and examples of phishing and bogus emails go online yourself using the following links:

https://www.gov.uk/government/publications/genuine-hmrc-contact-and-recognising-phishing-emails/genuine-hmrc-contact-and-recognising-phishing-emails

https://www.gov.uk/government/publications/phishing-and-bogus-emails-hm-revenue-and-customs-examples