HMRC warns taxpayers of ‘sophisticated’ phishing scams

HMRC has warned taxpayers filling in their self assessment forms for the end of January that thousands of scam emails have been sent out targeting them.

The email phishing scam tells the recipient that they are due a tax refund, and asks for bank or credit card details it can be paid out.

In this instance, the criminals are offer reasonable sums of money - a reported 250 - which strengthens the validity and appeal of the emails.

These attacks are similar to ones that IT PRO reported on in July, with 33,000 emails sent over a three-day period.

However, HMRC is also aware of a growing number of telephone scams, where fraudsters are posing as tax officials arranging rebate payments.

It was warned that customers who provided these details risked their accounts being emptied and their credit cards used to the limit, as well as having their personal details sold on to criminal gangs.

Lesley Strathie, chief executive of HMRC, said that this was the most sophisticated and prolific phishing scam that they had ever encountered.

She said: "We only ever contact customers who are due a refund in writing by post. We never use emails, telephone calls or external companies in these circumstances.

"I would strongly encourage anyone receiving such an email to send it to us for investigation," she added.

Greg Day, security analyst for Symantec, said that cybercriminals had changed their approach and were targeting people for smaller gains and a greater success rate.

He said: "The level of attention to detail is something that we saw increasingly last year and sets the tone for spam in 2009.

"As the recession takes its toll on many people across the UK and beyond, and as finances become even more stretched, people are becoming more susceptible to such scams."

HMRC said that it was thoroughly investigating the attacks with UK law enforcement with law enforcement agencies, and had already shut down a number of overseas scam networks.