Debunking hoaxes and exposing scams since 2003!





Jump To: Example    Detailed Analysis   Comments   References

HM Revenue & Customs Tax Refund Phishing Scam


Jump To: Example    Detailed Analysis   Comments   References

Outline

Email purporting to be from UK tax agency, HM Revenue & Customs claims that the recipient can submit a tax refund request by clicking a link in the message.

Phishing for personal information
©Depositphotos.com/fabioberti.it



Brief Analysis

The message is not from HM Revenue & Customs and there is no tax refund. It is a typical tax refund phishing scam designed to trick you into divulging sensitive personal and financial information to Internet criminals.

   

Share







Bookmark and Share




Examples

Subject: Your tax refund payment! Dear Applicant:

You have received a tax refund payment of 632.25GBP from HMRC (HM Revenue & Customs) into your internet Banking Account.

Please accept the tax refund request. The money will appear in your Internet Banking Account after 3-6 days. Please click on sign in to Online Banking to accept your incoming funds

Best Regards

HM Revenue & Customs


HM Revenue & Customs Tax Refund Phishing Scam

Detailed Analysis

The message is not from HM Revenue & Customs and there is no tax refund. It is a typical tax refund phishing scam designed to trick you into divulging sensitive personal and financial information to Internet criminals.

For several years, UK Residents have been receiving emails that claim to be from HM Revenue & Customs (HMRC). The emails, which have seemingly legitimate HMRC logos and formatting, claim that the recipient can apply for a tax refund by clicking an included link. However, the messages are not from HMRC and are in fact the first part of a typical phishing scam.

Clicking the link in the scam messages will open a bogus website that asks the user to provide bank account details, credit card numbers, and other personal information. The fake site has been created to closely resemble the real HMRC website in order to fool victims into parting with their personal information. The site informs victims that they need to provide the requested details so that the tax refund can be transferred directly to their account. However, there is no refund. Any details entered into the bogus web form can be harvested by the criminals operating the scam and used for fraud and identity theft.

HMRC has published information about this and other scams on its website.

Very similar tax refund scams have targeted taxpayers in Australia, the United States, Canada, South Africa, and several other nations.

Any email that claims to be from a tax department and asks you to click a link and provide personal information should be treated with extreme caution. No legitimate government tax office is likely to provide tax refund information via an unsolicited email, nor would they ask recipients to follow a link and provide financial information.

Scammers use a large array of ruses designed to trick recipients into surrendering personal information. If you receive an unsolicited email from a government department, bank or other institution that asks you to click an included link or open an attached file and provide sensitive personal information, then you should view the message with the utmost suspicion. If you have any doubts at all about the veracity of the email, contact the institution directly to check before clicking links in the message or supplying information.

For more details about how phishing scams work, see:
Phishing Scams - Anti-Phishing Information

The following video provides more information about Tax Refund Phishing Scams:








Phishing attack

©Depositphotos.com/illuland


Last updated: June 19, 2015
First published: 13th February 2007
By Brett M. Christensen
About Hoax-Slayer

References
Known spoofs and phishing attempts
Department of Finance Phishing Scam
IRS Refund Scam Email






Latest Hoax-Slayer Articles