HMRC announce a rise in 'phishing' emails

HM Revenue and Customs has reported a large rise in fraudulent 'phishing' emails involving a number of banks, insurance companies, pension providers, and HMRC themselves. Phishing is where criminals send convincing-looking fraudulent emails to entice you to give them your personal information.

 Here are a few pointers to help protect you from fraudulent emails

1.       Check the email address − is it the same as the email address you usually receive emails from, or only similar? Our emails always end in '’

2.       Check the web address − in emails, website addresses may appear genuine on first sight, but if you hover your mouse pointer over the link without clicking, it may reveal a different web address.

3.       Check the email subject line − be wary of anything along the lines of "secure message", "important information required", "verify or update your details".

4.       Be suspicious of any message that creates a sense of urgency − such as "If you don't respond within 48 hours, your account will be suspended".  A legitimate company will not create a false sense of urgency.

5.       Check the grammar and spelling −  for mistakes or inconsistencies.

6.     Think − is the email consistent with the type and tone of messaging you would normally receive from the sender? Criminals can fake email addresses, therefore do not assume that because the email address looks correct that the email is legitimate; carry out other checks as well.  If you are not sure, contact the sender by phone to confirm if it is genuine.

In order to assist you, we are sharing the following precautionary information that may help you protect yourself against potential threats: 

Be sceptical when you receive an email from a sender that you do not recognise − be even more wary if it asks for confidential information

  • Do not click on links contained in suspicious emails or open attachments − instead, open a new browser window and type the URL directly into the address bar 
  • Never give out personal security details (e.g. username and/or password) in an email or over the telephone − we will never email you asking for your personal or security information

Ensure you have installed anti-virus and firewall software, and keep it up to date