Don’t take the bait, be cyber aware

03 April 2017

 

HMRC issue a reminder of the do’s and don’ts through their tax agent blog:

 

Scammers are using increasingly sophisticated methods to spoof legitimate HMRC communication with information that appears both genuine and relevant. However, you should always remember HMRC will never notify you of a tax rebate by email or text. And they will not ask you to disclose personal or payment information by email or text.

 

If you have the slightest doubt that a HMRC email or text is fake, then:

 

  • do not open attachments, they could contain a virus

  • do not click on links; they could take you to a fake HMRC site

  • do not disclose personal/confidential information

  • do, forward suspicious HMRC text messages to 60599 (charged at your network rate)

  • do, forward suspicious emails to HMRC phishing team at, phishing@hmrc.gsi.gov.uk.

 

If in doubt, check security guidance: Dealing with HMRC Phishing and scams.

 

If you think you have disclosed personal information in response to a scam HMRC email or text, act quickly. Contact the HMRC security team at, security.custcon@hmrc.gsi.gov.uk providing brief details of what you disclosed (e.g. name, address, HMRC User ID, password). Do not give your personal details in the email.

 

At a top level, HMRC and agents are working together to protect their clients. By reporting your suspicions, and promoting cyber security messages, you can protect yourself, colleagues and clients from threats.