HM Revenue and Customs (HMRC) is boosting its online protection and urging all customers to keep their personal details safe online, when completing their Self Assessment return.
Over the next six weeks, HMRC will be issuing more than a million Self Assessment emails to customers, reminding them of the impending 31 January deadline. As one of the most phished brands in the world, HMRC has a strict protocol in place to help customers protect themselves against email scammers.
Scammers use this peak in online activity to carry out increasingly sophisticated frauds and to make their phishing emails appear genuine and relevant. Cyber criminals are likely to use the approaching 31 January deadline for Self Assessment as a cover for their scams.
Customers receiving an email from HMRC can check against the protocol to see whether it is genuine or a fraud.
An HMRC email to customers about their personal tax or tax credits will never include or ask for:
- personal or financial information of any sort; this includes the customer’s full address, full postcode, Unique Tax Reference (UTR), or any bank details
- financial information which refers to specific figures, tax computations or specific facts about a customer
- email attachments
- web links
- an offer of a repayment or refund
- a personal HMRC email address to send a response to.
The online tax return service is just one of the digital services that HMRC provides, with more than 85% of 2013-14 Self Assessments completed online by the 31 January deadline. Last week HMRC also launched the Personal Tax Account which, by the end of 2016, will enable all customers to communicate with HMRC safely and securely through messaging and web chat within the online account.
HMRC takes online security extremely seriously, but it also needs customers to play their part. As HMRC provides more digital ways of working, it is constantly improving its online security. Customers will see this when accessing the Self Assessment service this year, with the addition of more security controls.
HMRC is asking all customers to be vigilant when completing their tax return online. They can help to keep their data safe by making sure their computer has up-to-date anti-virus protection and the latest version of their internet browser, by keeping their passwords safe and changing them regularly.
Jonathan Lloyd White, Director of Security and Information and Departmental Security Officer (DSO), HMRC, said:
Handling the personal details of every taxpayer in the country is a huge responsibility and the security of this data, especially online, is a top priority for HMRC.
We are committed to customers’ online security, but the methods that fraudsters use to get information are constantly changing so people need to be alert. When using our online services I would urge all our customers to be vigilant, and remember that HMRC will never send an email to ask for your personal information or password, or include a link or attachment. We want to help you stay safe online. Visit cyberstreetwise.com for more advice.
Self Assessment filing on line - is my information secure?
Notes for Editors
HMRC’s top tips for keeping your personal details safe online:
- keep your password secure and do not share with anyone
- change your password often
- have up-to-date anti-virus protection installed on your computer
- make sure your computer has the latest internet browser
- always go through GOV.UK to get through to HMRC’s online services
https://www.cyberstreetwise.com/ has lots of helpful advice on how to stay safe online
- The deadline for Self Assessment returns is 31 January.
- If you are filing your 2014-15 Self Assessment return online for the first time, you will need to register for SA Online. Registering for online filing is simple – visit GOV.UK: www.gov.uk/register-for-self-assessment.
- Help is available on GOV.UK at www.gov.uk/self-assessment-tax-returns or from the Self Assessment helpline on 0300 200 3310.
- Always type in the full online address www.gov.uk/selfassessment to obtain the correct link to file your SA return online securely and free of charge.
- Check www.gov.uk/topic/dealing-with-hmrc/phishing-scams for online security advice
- Forward suspicious emails to HMRC at firstname.lastname@example.org and then delete them
HMRC has closed 22,210 fake websites since 01 July 2014 and continues to protect customers by constantly searching for these.
- Follow HMRC on Twitter @HMRCgovuk
HMRC’s Flickr channel www.flickr.com/hmrcgovuk