During last year’s tax credits renewal period, which runs from April to July, nearly 24,839 phishing emails were reported to HM Revenue and Customs (HMRC). And May this year has already seen a 131.32 per cent increase in phishing email reports on the same month last year, with 11,219 being recorded.
Although HMRC worked with other agencies to shut down 611 scam websites during the tax credits renewal period last year, others continue to be created.
HMRC took action to close down 1,740 illegal sites in 2013, most originating in Turkey, Spain and Bulgaria. Phishing emails also came from the UK and USA.
Phishing emails often promise money back and, if the recipient clicks on a link, they are taken to a fake replica of the HMRC website. They are then asked to provide credit or debit card details or other sensitive information such as passwords. The fraudsters then try to take money from their account.
They often ask for the recipient’s name, address, date of birth, bank account number, sort code, credit card details, national insurance number, passwords and mother’s maiden name.
In addition to money being stolen from victims’ bank accounts, their personal details can be sold to criminal gangs, leading to possible identify theft.
Nick Lodge, Director General of Benefits and Credits, HMRC, said:
HMRC will never ask people to disclose personal or payment information by email. We are committed to claimants’ online security but the methods fraudsters use to get information are constantly changing, so people need to be alert.
HMRC is asking people to be wary of e-mails with attachments which might contain viruses designed to steal personal or financial information, and not to open them.
One scam is contained in an email circulated from firstname.lastname@example.org telling recipients about a 2013 tax refund report. The email appears to have been issued by “Tax Credit Office Preston”, but it is a scam. It includes an attachment that contains a virus. Recipients are urged not to respond and to delete it immediately.
HMRC asks people to:
Check http://www.hmrc.gov.uk/security/advice.htm for its online security advice
- Forward suspicious emails to HMRC at email@example.com and then delete them
- Avoid clicking on websites or links in suspicious emails, or opening attachments
- Further advice can also be found at https://www.gov.uk/browse/benefits/tax-credits.
This year, as well as being able to renew by post and by phone, tax credits claimants with no changes to report might be able to renew online using the official GOV.UK website or via an HMRC mobile app.