Tag: fraud

WhatsApp ‘family emergency’ scam warning

Online safety is increasingly important, even for popular platforms like WhatsApp. With over 2 billion users worldwide, WhatsApp has become a favourite target for fraudsters and tactics have become more ingenious and effective than ever.

The majority of users are vulnerable when online, making it an irresistible platform for scammers. Cybersecurity experts from VPN Overview have compiled their top tips on how to recognise WhatsApp scams and how to prevent them:

What is WhatsApp fraud (friend or family emergency scam)?

WhatsApp fraud is a form of fraud in which cybercriminals pretend to be a victim’s acquaintance and then ask them for money. Currently, most of those criminals pose as a friend or family member and ask for financial help because “they urgently have to pay a (high) bill” or “they have an emergency and urgently need some money”.

Usually, the perpetrators pretend to be in a hurry, most likely to entice their victims to take immediate action. That is why this type of fraud is also referred to as a friend or family emergency scam. Sadly, on average victims loose thousands of dollars to WhatsApp scams. Age also seems to be a factor, with most of the victims being over 50 years old.

In most cases the phone number used by the criminal to commit WhatsApp fraud is unknown to the victim, yet the attached profile picture is familiar. Consequently, the victim thinks that he or she is indeed communicating with a friend or family member.

However, criminals can easily copy a photo from other social media platforms, such as Facebook or Instagram. The same applies to other information that can be used to mislead the victim. Like the vocabulary an individual may use, or certain events the individual may have posted about online (“Should’ve asked you for help when we were in that bar yesterday…”).

What are the tell-tale signs of WhatsApp scams?

  • Scammer creates a sense of urgency and pressures you to pay quickly.
  • Scammer contacts you from an unknown number.
  • Scammer informs about a number change and quickly talks about money.
  • Poor English is used in their messages.
  • Scammer does not want to be called.
  • Scammer asks for money to be transferred to an unknown account or uses an app that hides account numbers.

Tips to prevent WhatsApp fraud

  • Check if the number is correct if someone asks for money.
  • Check the language and communication style of the message.
  • Call the number or contact the person in a different way to verify the story.
  • Do not let the fraudster pressure you; think logically.
  • Ask the scammer a question only your friend or acquaintance would know the answer to if suspicious.
  • Secure voicemail with a personal code.
  • Never send a verification code without questioning.
  • Set up “2-Factor Authentication” on WhatsApp.

Remember that the tips provided above are not only important to protect yourself. If criminals manage to hijack your WhatsApp account, they can easily scam your contacts and possibly take over the accounts of your friends and family as well. 

I’ve been a victim of WhatsApp fraud, what can I do?

If you have been a victim of WhatsApp fraud, it is important to remain calm and report the incident to your bank and the police.

Depending on the circumstances, it may be possible to reverse the payment, but individuals must act quickly. Wire transfers are harder to recover, and online payment services or apps can complicate the process.

Even if a refund is not issued, the bank will investigate the fraud claim to protect customers and prevent future fraud. Reporting scams to WhatsApp and AnyScam is also recommended, and national help groups for victims of fraud can assist individuals in dealing with the process and preventing future fraud.

Online banking: 12 ways to stay safe

Dodge online banking fraudsters with these 12 cybersecurity tips

A recent Which? study tested the security of 13 of the UK’s most popular online banking sites between September and November 2022. The study found that Virgin Money, TSB and Nationwide were the worst at protecting their customers from online scammers.  

With so many well known banking sites falling short when it comes to blocking fraudsters, cybersecurity experts at VPNOverview have compiled a list of 12 safety tips to keep your money safe from malware and phishing scams. 

What are the possible dangers of online banking?

Financially motivated cybercrime, using malware and phishing, is growing at a rapid pace. In fact, by 2023, the number of internet users is set to increase by 275%, creating more targets for online banking fraudsters. Banks worldwide are doing all they can to protect their customers from banking fraud by raising awareness and utilising new technology to make online banking safer.

Malware

Cybercriminals can use malware like spyware to break into your phone or computer and potentially steal your banking details. Cybercriminals can use a keylogger to track your keystrokes and steal your banking login details as you are typing them. In the worst-case scenario, a hacker can infect your computer with a virus, allowing them to gain total control of your computer and possibly transfer your money straight into their account

Phishing

Phishing is where a cybercriminal attempts to obtain someone’s sensitive information by pretending to be a party this person trusts, such as a bank. This imposter would contact the victim via email or phone to trick them into surrendering login information. The scammer will often produce a plausible reason why they are asking for this sensitive information. It is essential to stay vigilant and remember: it is highly unlikely that your bank will ask you for login details, PIN codes or confidential information.  

12 online banking safety tips

1. Be wary of transfers: Only transfer money to parties you trust. Money transfers cannot usually be reversed without the explicit permission of the receiving party. 

2. Use a unique password and login details: Make sure your banking login details are different from your other online portals or services; it is much safer to have a different password for your bank if a hacker gains access to your device. The most secure password you can create will be at least ten characters long, containing a minimum of one uppercase letter, one lowercase letter, one number, and one symbol. It would be best if you considered changing your password to a new unique password every six months. 

3. Keep login details safe: Do not give your online banking login details to anyone. If you receive a phone call or an email asking for you to enter your banking login details, sensitive information or PIN codes, this could be a phishing scam. 

4. Use fingerprint and face ID: Make use of the newest technology when it comes to signing into your online banking apps. Using a fingerprint or Face ID login is much safer than the traditional username and password. Another security measure to consider is using two-factor authentication, essentially providing two methods of logging in to ensure that the right person is logging in.

5. Update apps: Ensure your device’s operating system is up-to-date. The same goes for your online banking app if you use one. The best practice is to configure your settings to update all updates automatically. 

6. Never click on suspicious hyperlinks: If you receive an email or a text from a number or address you don’t recognise that contains a hyperlink, don’t click on it. Do not download any files they may contain. 

7. Be wary of suspicious emails: Cybercriminals may send you a convincing-looking email with your bank’s logo and a professional-looking layout. If this email asks for sensitive information, including your password, login details or PIN code, delete this email. 

8. Check HTTPS connection: Always ensure the website you visit has a secure HTTPS connection before you log in to your online banking account. Many browsers, such as Google Chrome, Mozilla Firefox and Internet Explorer, show whether your connection to a certain website is secure. Some of these browsers may display a padlock symbol inside the address bar indicating the safety of a website’s connection. If not, you can check the URL: 

If the URL you visit contains “https://”, this is secure as the ‘s’ stands for secure. If you see “http://” the connection isn’t secure. You may have to click on the URL in the search bar to see the “https://” appear. If the connection isn’t secure, do not share any personal details with that page. 

9. Install antivirus software: Install antivirus software on your device to protect yourself from malware and viruses. The best antivirus programs will offer a built-in firewall, essentially a network security device that provides a barrier between a trusted network and an untrusted network. 

10. Be wary of phishing: If you suspect you have come across a potential phishing email or call that claims to have been sent by your bank, contact your bank immediately to notify them. If they do not know about this request, you were likely almost a victim of a phishing scam. 

11. Check your banking app frequently: Frequently check your online bank for peculiar activities and alert your bank of any transactions that you don’t recognise. 

12. Trust your gut: Ultimately, if something doesn’t feel quite right as you’re transferring a payment or entering sensitive details, trust your gut and don’t continue. 

A spokesperson from VPNOverview commented: “Although banks around the world are working hard to make online banking as safe as possible, it is still a good idea to take some safety measures yourself when managing your finances.

“By taking charge of your own online safety, you can prove to your bank that you are not negligent and are more likely to be reimbursed by your bank if something bad happens. By following these tips to protect yourself while online banking, managing, paying and receiving money will become a lot safer.” 

Barclays: Stay vigilant on Black Friday

Barclays report suggests 72% of people living in Scotland will do most or all of their Christmas shopping on Black Friday

34% surge in Black Friday shopping scams last year

  • 72% of people living in Scotland will do most or all of their Christmas shopping on Black Friday
  • 44% of people living in Scotland will do most or all of their Black Friday shopping online
  • 56% of people living in Scotland say they plan to spend between £100 and £400 online shopping this Black Friday
  • After last year’s Black Friday sales, there was a 34 per cent surge in reported purchase scams, according to new Barclays data.
  • Victims lost on average £1,072 to purchase scams during the seasonal shopping period.

New data from Barclays suggests that 72% of people living in Scotland are likely to do all or most of their Christmas shopping on Black Friday with 56% saying they will spend between £100 and £400 on the day.

The figures also reveal that 36% of people living in Scotland will be relying on Black Friday sales more than previous years as they are looking to make savings wherever they can and 31% feel pressure to make purchases as quickly as possible to make sure they get the best deals.

A further 44% plan to do most or all of their Black Friday shopping online this year.

However, the number of reported purchase scams after Black Friday and Cyber Monday across the UK last year rose by 34 per cent, with an average of £1,072 lost to scammers.

Barclays data also shows that the proportion of scams taking place on tech platforms, such as purchase/auctions sites, social media, or dating apps, has increased by 71% since the beginning of 2021.  Currently 77% of all scams take place on these platforms, but at the beginning of 2021 it was just 45%.

With the average Brit expected to spend over £200 on shopping during Black Friday this year, Barclays is urging shoppers to take extra care when purchasing things online throughout the sales season.

The Bank’s findings reveal that worryingly, many consumers are changing their normal behaviour on Black Friday when searching for the best deals.  Almost a third (32%) across the UK feel pressured to make a purchase as quickly as possible to make sure they get the best deal.  

One in five (19%) said they were more likely to take note of a “too good to be true” deal, and a further 17% admitted to shopping on sites they haven’t heard of before if they have particularly good deals or sales.

Ross Martin, Head of Digital Safety at Barclays, said: “Whilst Black Friday is a great way for Brits to save money ahead of the Christmas season, it is important to stay vigilant when making purchases.

“This year more than ever, people will be looking for the best bargains, which could lead them right into the hands of scammers, who will be advertising false offers to lure victims in.

“Just remember – ignore any pressure that is being put on you – and if a deal seems too good to be true, it probably is.”

Barclays is urging buyers to follow these four steps this Black Friday:

  1. Do your due diligence: Research and read reviews to check the site and the seller are genuine.
  2. View the item: If you can, view the item in person first to make sure it exists, especially if it’s a big purchase, like a smartphone or even a car.
  3. Get a second opinion: Always speak to someone you trust for a second opinion, whether it’s a friend, family member, or your bank.
  4. Be wary of unlikely offers: Many purchase scams offer huge discounts that you wouldn’t normally find at retailers you would normally trust. Remember, if a deal seems too good to be true, it probably is.

For more information, and tips to stay alert from the latest scams, please visit: www.barclays.co.uk/scams/.

Glasgow Bounce Black Loan fraudster disqualified as company director

Brendan Michael Gaughan, 40, from Glasgow has been disqualified as a director for 12 years, after using his companies to take out Bounce Back Loans totalling £135,000 that the companies were not eligible for.

Gaughan was director of three separate property management companies, Gaughan Group Ltd, Gaughan Property Ltd, and Rentl Property Ltd. They were only incorporated in February 2020 and did no business until April 2020.

As a result, they were not eligible for funds through the Bounce Back Loan (BBL) scheme, which was available only to firms that had been doing business on 1 March 2020.

However in May 2020, Gaughan Group received a BBL of £50,000, Gaughan Property received a BBL also of £50,000, and Rentl Property Ltd received a BBL of £35,000.

Gaughan transferred all the funds into a single account and proceeded to use the money to buy a property worth nearly £160,000 in August 2020. He then sold the property in March 2021 for just over £140,000, and on the same day transferred £100,000 of the proceeds to his personal account.

All three companies were put into liquidation on 11 October 2021, which triggered an investigation by the Insolvency Service.

The Secretary of State accepted disqualification undertakings from Brendan Michael Gaughan, after he did not dispute that none of his companies had been eligible for Bounce Back Loans.

He has been banned for 12 years, effective from 27 October 2022.

The disqualification undertakings prevent him from directly, or indirectly, becoming involved in the promotion, formation or management of a company, without the permission of the court.

Steven McGinty, Investigation Manager at the Insolvency Service said: “Bounce Back Loans were made available for trading companies adversely affected by the pandemic.

“Brendan Gaughan should have known his companies weren’t entitled to the loans yet he took them anyway and used the funds for personal gain.

“We will not hesitate to take action against directors who have abused Covid-19 financial support like this.”

Brendan Michael Gaughan is of Glasgow and his date of birth is November 1982.

Gaughan Group Ltd – SC655799

Gaughan Property Ltd – SC655896

Rentl Property Ltd – SC655897

Disqualification undertakings are the administrative equivalent of a disqualification order but do not involve court proceedings.

Persons subject to a disqualification order are bound by a range of other restrictions.

Information about the work of the Insolvency Service, and how to complain about financial misconduct.

Self Assessment customers could be a target for fraudsters, HMRC warns

Self Assessment customers who are starting to think about their annual tax returns for the 2021 to 2022 tax year should guard against being targeted by fraudsters, warns HM Revenue and Customs (HMRC).

In the 12 months to August 2022, HMRC responded to more than 180,000 referrals of suspicious contact from the public, of which almost 81,000 were scams offering fake tax rebates.

Criminals claiming to be from HMRC have targeted individuals by email, text and phone with their communications ranging from offering bogus tax rebates to threatening arrest for tax evasion. Contacts like these should sound alarm bells – HMRC would never call threatening arrest.

Anyone contacted by someone claiming to be from HMRC in a way that arouses suspicion is advised to take their time and check the scams advice on GOV.UK.

Customers can report any suspicious activity to HMRC. They can forward suspicious texts claiming to be from HMRC to 60599 and emails to phishing@hmrc.gov.uk. Any tax scam phone calls can be reported to HMRC using the online form on GOV.UK.

Myrtle Lloyd, HMRC’s Director General for Customer Services, said: “Never let yourself be rushed. If someone contacts you saying they’re from HMRC, wanting you to urgently transfer money or give personal information, be on your guard.

“HMRC will never ring up threatening arrest. Only criminals do that.

“Tax scams come in many forms. Some threaten immediate arrest for tax evasion, others offer a rebate. Contacts like these should set alarm bells ringing, so take your time and check ‘HMRC scams advice’ on GOV.UK.”

Fraudsters target customers when they know they are more likely to be in contact with HMRC, which is why Self Assessment customers should be extra vigilant to this activity. There is a risk they could be taken in by scam texts, emails or calls either offering a ‘refund’ or demanding unpaid tax, thinking that they are genuine HMRC communications referring to their Self Assessment return.

Some customers who have not done a Self Assessment return previously might be tricked into clicking on links in these emails or texts and revealing personal or financial information to criminals.

The deadline for filing paper tax returns for the 2021 to 2022 tax year is 31 October 2022, and 31 January 2023 for those filing their tax return online. Customers who file their return online via GOV.UK should not share their HMRC login details. Someone using the details could steal from the customer or make a fraudulent claim in their name.

HMRC is actively tackling the scams and fraudsters who attempt to mimic genuine HMRC activity and messages. The department’s dedicated Customer Protection Team works continuously to identify and close down scams.

HMRC also tackles misleading websites designed to make people pay for services that should be free or low cost, charging to connect people to free HMRC phone helplines. To protect the public, HMRC formally disputes and takes ownership of HMRC-branded internet domain or website names. Since 2017, the department has recovered more than 183 websites hosting low-value services such as call-connection sites, saving the public millions of pounds.

Former nurse disqualified as a company director for 10 years

Director of health and wellbeing company falsely claimed £30,000 Bounce Back Loan for personal gain during pandemic

Monica Coyle, 51, from Kilmarnock has been disqualified as a director for 10 years after fraudulently claiming a £30,000 government Bounce Back Loan (BBL).

Coyle, a former NHS nurse, was director of Positive Pulse Limited, a health and wellbeing company which provided health checks to employees of businesses. She had also been president of business and professional women’s group Ayrshire Business Women in 2019.

Coyle applied for the Bounce Back Loan in May 2020 after the Covid-19 pandemic impacted her business.

She falsely declared turnover of £130,000 in her application, rather than the actual turnover of her business, which was less than £5,000.

As a result, Coyle received a BBL of £30,000, of which she spent over £26,000 on personal use.

Bounce Back Loans were earmarked for small to medium sized companies impacted by Covid-19, and the loans were designed to support the company, rather than for the director’s own gain.

Positive Pulse Limited went into Creditors Voluntary Liquidation in February 2022, owing £30,000 to the bank, in respect of the BBL.

The Secretary of State accepted a disqualification undertaking from Monica Coyle, after she did not dispute that she caused the company to apply for, and receive, a BBL of £30,000 which the company was not entitled to, following which she received personal gain.

Her ban is effective from 16 September 2022 and will last for 10 years.

The disqualification undertaking prevents Monica Coyle from directly, or indirectly, becoming involved in the promotion, formation or management of a company, without the permission of the court.

Investigation Manager Steven McGinty said: ‘Bounce Back Loans were made for the economic benefit of the company, not for directors’ personal gain.

‘Monica Coyle exploited the scheme and took taxpayers’ money during the pandemic which she knew she was not entitled to.’

Police issue fraud warning

Over recent weeks, a number of high value frauds have been carried out in the Edinburgh area, whereby elderly victims have been “cold called” by individuals (fraudsters) purporting to be from various banks.

The victims are told that there are issues with their investments and that they are on a Financial Conduct Authority (FCA) “red flag” list, where security concerns have been raised against their funds.

The victims are then instructed by the fraudster to set up new bank accounts in their own name (“safe accounts”), amalgamate their funds and then transfer all funds onto these new accounts

. There are occasions when the fraudster will make attempts to download software onto the victims electronic devices and then control their future financial activities. The funds are thereafter transferred into cryptocurrency.

The public should remember these 4 key points:

🔶 Banks do not cold call customers with such instructions.

🔶 The public should fully safeguard their savings from criminals.

🔶 Do not act on instructions provided by unknown callers.

🔶 Do not give any personal information to callers which would enable them to access your finances.

If in any doubt about the legitimacy of callers, make direct contact with your bank branch, your bank customer services or your investment company.

Advice is also listed on the following websites –

➡️takefive-stopfraud.org.uk

➡️http://citizensadvice.org.uk/…/check-if-something-might…

➡️http://scotland.police.uk/advice-and…/scams-and-frauds

Just one week to go to the tax credits deadline – don’t miss out

The deadline for tax credits renewals is 31 July 2022. With just over a week to go, customers are being urged to renew their claim using HMRC’s online services.

With just over a week to go, HM Revenue and Customs (HMRC) is urging more than 222,600 tax credits customers to renew their claims before the 31 July 2022 deadline.

Customers are being warned not to leave their renewal until the last minute and risk their payments being stopped. They can do it any time – day or night – through HMRC’s online services, including the HMRC App.

Tax credits help working families with targeted financial support and more than 363,000 customers have already renewed ahead of the deadline.

Myrtle Lloyd, HMRC’s Director General for Customer Services, said: “The 31 July deadline is fast approaching and renewing your tax credits is too important to forget. HMRC support is available at all times of the day and night via GOV.UK and the smartphone app to help customers get their renewals right.

“It’s great to see so many customers have already renewed their tax credits. I urge those who are yet to renew to do so as soon as possible, in order to avoid having their payments stopped.”

Customers can manage their tax credits quickly and easily online. Once tax credits customers have completed their renewal, they can use their online account to check its progress and find out when they will hear back from HMRC.

If there is a change in a customer’s circumstances that could affect their tax credits, they must report the changes to HMRC. These include changes to:

  • living arrangements
  • childcare
  • working hours, or
  • income (increase or decrease).

Customers choosing to use the HMRC app on their smartphone can:

  • renew their tax credits
  • make changes to their claim
  • check their tax credits payments schedule, and
  • find out how much they have earned for the year

As part of the UK government’s package to support households with the rising cost of living, a Cost of Living Payment of £650, payable in two separate lump sums of £326 and £324, for households receiving certain benefits or tax credits, has been introduced.

For eligible customers receiving tax credits only and no other eligible benefits, HMRC will contact them to let them know they’re eligible and will issue payments automatically, with the first being made in the autumn. Customers do not need to contact HMRC or apply for the payment. More information on the Cost of Living Payment, including eligibility, is available on GOV.UK.

Tax credits are ending and will be replaced by Universal Credit by the end of 2024. Many customers who move from tax credits to Universal Credit could be financially better off and can use an independent benefits calculator to check. If customers choose to apply sooner, it is important to get independent advice beforehand as they will not be able to go back to tax credits or any other benefits that Universal Credit replaces.

As the deadline for renewals approaches, customers hurrying to sort out their accounts could be more vulnerable to scammers. 

HMRC is warning that if someone contacts them saying that they are from HMRC and wants the customer to transfer money urgently or give personal information, they should never let themselves be rushed. 

HMRC is also urging customers never to share their HMRC login details. Someone using them could steal from the customer or make a fraudulent claim in their name. The department urges people to take their time and check HMRC’s advice about scams on GOV.UK.

Customers can download the HMRC app for free from their smartphone app store.

Phone scams reported to HMRC fall in Scotland

Phone scam reports have fallen by 84 pent cent in Scotland over the last year, new regional data from HM Revenue and Customs (HMRC) has revealed. 

In the Scotland, 384 phone scams were reported to HMRC in June this year compared to 2432 in June 2021.  

People aged between 25 and 34 appear to be most affected by scams in the region, with 94 reporting phone scams in Scotland in June. 

HMRC has made significant efforts to tackle the problem and protect the public. Scam call reports from across all regions peaked in March 2021 with almost 76,000 reports. This was slashed to just over 5,000 in March this year.  

To fight phone scams, HMRC has worked with the telecoms industry and Ofcom to stop HMRC’s helpline numbers from being spoofed by fraudsters, who can no longer appear to be calling from an HMRC number. HMRC also has a dedicated customer protection team working on cyber and phone phishing scams around the clock. 

The drop in reported phone scams is a testament to the work of teams across HMRC in tackling fraud. HMRC’s phishing referral tools and innovative technology all play a part in the department’s efforts to combat fraud, which has resulted in fewer people falling victim to and reporting tax scams.  

Kelly Paterson, HMRC’s Chief Information and Security Officer, said: 

“We work tirelessly to tackle scams and protect hard-working taxpayers from becoming victims of fraud. 

“Never let yourself be rushed. If someone contacts you saying that they are from HMRC, wanting you to urgently transfer money or give personal information, be on your guard. HMRC will never ring out of the blue threatening arrest. 

“To help us fight these crimes, forward suspicious texts claiming to be from HMRC to 60599 and emails to phishing@hmrc.gov.uk. Report tax scam phone calls to us on GOV.UK.” 

HMRC received over 212,500 reports in total of all kinds of scams, by email, text message and phone, over the past year, nationally. 

Phone scammers often call people threatening immediate arrest for fictitious tax owed.  Sometimes they claim that the victim’s National Insurance number has been used in a fraud or offer a fake tax rebate as a way of stealing personal and banking information.   

In addition to warning the public about phishing scams, HMRC urges people never to share their HMRC login details. Criminals using the logins could steal from the customer or make a fraudulent claim in their name. 

HMRC’s phishing scam advice is:

Stop:

  • take a moment to think before parting with your money or information
  • if a phone call, text or email is unexpected, don’t give out private information or reply, and don’t download attachments or click on links before checking on GOV.UK that the contact is genuine
  • do not trust caller ID on phones. Numbers can be spoofed

Challenge:

Protect:

  • forward suspicious texts claiming to be from HMRC to 60599 and emails to phishing@hmrc.gov.ukReport tax scam phone calls on GOV.UK
  • contact your bank immediately if you think you’ve fallen victim to a scam, and report it to Action Fraud (in Scotland, contact the police on 101).

The numbers in this release refer only to phone scam reports to HMRC using a GOV.UK form introduced in 2020 and do not reflect all of the phone phishing reports that the department has received through email and other channels.

HMRC phishing scams – how to spot and avoid bogus communications

Fake emails, calls and messages suggesting they are from Her Majesty’s Revenue & Customs (HMRC) have grown exponentially in the last five years with many people falling foul to fraudsters.

Here, Perrys Chartered Accountants discusses the latest HMRC cyber scams doing the rounds and how to spot bogus communications:

In 2021, HMRC received more than 670,000 calls from individuals reporting tax scams. Despite a significant drop in reports to HMRC in recent months, statistics show that tax-related scams doubled during the pandemic and HMRC is still advising caution of any correspondence – particularly via text or email – implying it is from the tax authority.

Scams can come in many forms. However, the most common tactic used by fraudsters is contacting potential victims via automated messages. So, what should you look out for?

HMRC email scams

Phishing attacks aren’t new, but the tactics employed by fraudsters have become increasingly sophisticated over the years with many able to replicate email addresses from authorities, such as HMRC, that on first glance look bona fide.

These attacks aim to extract personal information and data from an individual that enables fraudsters to steal identities, bank details and more.

One such campaign doing the rounds is an email telling customers that they are eligible to receive an employment income support scheme credit during the COVID-19 pandemic. If you receive such an email, you should not reply to it, click on any links in the email or open any attachments. You should also avoid disclosing any personal or payment information. Instead, report it immediately to HMRC by emailing it to phishing@hmrc.gov.uk.

Fake tax rebates

Another common scam is the offer of a tax rebate either via text or email. HMRC will never contact anyone by text or email about tax rebates, so any messages received offering a refund will certainly be fake. If you receive any such message, do not reply but report it to HMRC and then delete it.

Be wary of website links and malicious web pages

HMRC will never ask you to click on a link to complete your details online to receive a rebate.

Web pages can also be dangerous with many fake sites cloning or copying official pages from HMRC’s website or claiming to be officially affiliated with the tax authority. To avoid being fooled by a fake website, always visit HMRC directly by typing the government’s official URL https://www.gov.uk/ into your browser.

HMRC text scams

HMRC will never ask for any personal or financial information when sending out texts. If you receive such a text, do not reply to it or open any links contained in the message. Instead, you can send any phishing text messages to HMRC using the text number 60599 or by emailing it to phishing@hmrc.gov.uk.

HMRC phone scams

Phone scams are performed using a variety of methods and are often used to target elderly and vulnerable people.

A popular way for fraudsters to target potential victims is by using an automated message. HMRC is aware of a scam which tells the receiver that they are the subject of a lawsuit and to press 1 to speak to a caseworker to make a payment. This is false. If you receive such a call, you should end it immediately.

Other similar scams might refer to National Insurance number fraud or tax refunds and will ask you to supply bank or credit card information. If you are at all unsure, or you cannot verify the caller, hang up and report it to Action Fraud.

When reporting phone scams, you should include the date of the call, the phone number used to contact you and what the call was about. You can also contact HMRC directly on its phone number 0300 200 3310 to verify the legitimacy of any calls you receive alleging to be from the authority.

HMRC WhatsApp scams

HMRC will never use WhatsApp to contact customers about a tax refund. If you receive any such communication via WhatsApp saying it is from HMRC, you should report it immediately by emailing HMRC and then delete it.

HMRC social media scams

One of the most recent social media scams being used to con people is the distribution of direct messages via Twitter offering a tax refund. These messages are not genuine and HMRC will never use social media platforms, such as Twitter, Instagram, Facebook and LinkedIn, to offer tax rebates or request personal information. Ignore all such messages and report them to HMRC straight away.

HMRC refund companies

Refund companies that send emails or texts advertising their services and offering to apply for a tax rebate on your behalf in return for a fee are not connected with HMRC in any way. Before using any such service, you should read the company’s terms and conditions or disclaimers and think carefully before instructing them to assist you. If in doubt, contact a professional accountant for advice.

HMRC customs duty scams

Changes officially introduced by HMRC on 1 January 2021 mean that some UK consumers buying goods from EU businesses might need to pay customs charges when their goods are delivered. This change in regulations has resulted in a surge of associated email and text scams asking for customs duty payments.

Customers are contacted via false emails or texts and told they must pay customs duty to receive a valuable parcel which doesn’t exist. If you are not expecting any parcel or if you are in any doubt as to the authenticity of such messages, then do not reply. Instead, you should report any suspicious activity to HMRC immediately by emailing phishing@hmrc.gov.uk.

University students taking part-time jobs

According to HMRC, undergraduates taking part-time jobs are at increased risk of falling victim to scams – particularly if they are new to interacting with the tax authority and unfamiliar with its processes.

Between April and May 2021, more than 5,000 phone scams were reported to HMRC by 18 to 24 year olds. The advice is to be wary if you are contacted out of the blue by someone asking for money or personal information.

Mike Fell, Head of Cyber Security Operations of HMRC, said: “We see high numbers of fraudsters contacting people claiming to be from HMRC. If in doubt, our advice is – do not reply directly to anything suspicious, but contact HMRC through GOV.UK straight away and search GOV.UK for ‘HMRC scams’.

For further information and guidance about HMRC phishing scams, visit HMRC’s official web page https://www.gov.uk/topic/dealing-with-hmrc/phishing-scams.