Chichester Office: 01243 789031
Portsmouth Office: 023 9282 0726
E-mail address: This email address is being protected from spambots. You need JavaScript enabled to view it.

Identifying phishing emails

Source: HM Revenue & Customs | | 31/05/2017

HMRC publishes guidance on the subject of phishing and bogus emails. The document called Genuine HM Revenue and Customs contact and recognising phishing emails includes details of emails, letters, text messages, and bogus calls used by scammers and fraudsters to get your personal information.

Phishing emails are emails sent by fraudsters who try and trick recipients into thinking an email is genuine. HMRC is aware of numerous instances of phishing emails being sent from around the world that seek to acquire sensitive information such as passwords, credit card or bank account details using phoney links.

HMRC never sends notifications of a tax rebate by email, or asks recipients to disclose personal or payment information by email. The document includes instructions to help ascertain if an email is fraudulent. This includes looking out for spelling mistakes, poor grammar and generic greetings.

Last year, HMRC implemented new controls based on domain-based message authentication, reporting and conformance (DMARC). The security process works by determining which email servers are allowed to send emails on behalf of the organisation. Using the DMARC controls helps HMRC and email service providers to identify fraudulent emails purporting to be from genuine HMRC domains and prevent their delivery to taxpayers. However, the system is not fool proof and taxpayers must still be wary of any emails that don’t look quite right.

 

Newsletter

With our newsletter, you automatically receive our latest news per e-mail and get access to the archive including advanced search options!

»Sign up for the newsletter
» Login