How HMRC fends off phishing attacks

spam

HMRC has found a "panacea" to phishing attacks by adopting an email protocol called DMARC, achieving a 99% success rate of blocking malicious spam.

Scammers regularly target HMRC tax returns, sending phishing emails masquerading as HMRC messages to self-employed people in order to trick them into handing over the sensitive personal and financial data they would normally send to HMRC during a tax return.

But the protocol, standing for Domain-based Message Authentication, Reporting and Conformance, has put criminals off from targeting users of the tax body, its head of cyber security, Ed Tucker, told attendees of InfoSecurity Europe 2017 today.

"DMARC has had a massive impact on criminal's behaviour," he said. "There is no return on investment for criminals to attack HMRC."

In the deployment of the technology, the most marked effect has come from switching to a mode in DMARC called "p=reject". This is the strongest policy within DMARC, and led to people receiving 300 million fewer phishing emails in 2016.

This instructs email providers to carry out checks on where email has come from and to reject anything suspicious.

But the protocol can also help other organisations build up a "herd immunity", according to Neil Hammet, email security product specialist at Proofpoint. "Once everyone is covered, criminals will go some place else," he explained.

He admitted that coverage in the UK was not complete but government agencies in the country were leading the way in stopping phishing emails.

While stopping phishing attacks via email had been a clear success for Tucker, he said that efforts still had to be made against other forms of phishing. For example, there are no current means of effectively stopping phishing via SMS messages. Tucker said he was working closely with Vodafone and the GSMA to combat these types of attack.

Rene Millman

Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.