As the self-assessment tax return deadline looms this week, the pressure is on for millions of self-employed workers and business owners. Getting the paperwork in on time is an annual headache and that pressure may make them more susceptible to scams.
In the last year, HMRC has received 900,000 reports of suspicious phone calls, texts and emails most promising tax rebates. And they are becoming more sophisticated and increasingly convincing.
With a galling similarity to official communications using the same logo and seemingly official reference numbers emails from fraudsters ask recipients to click on a PDF attachment, which then requires them to fill in their bank details.
Calls from numbers which look identical to HMRC are also increasing. They can even include Government Gateway account numbers which makes them very easy to fall for, and infuriating for those who succumb.
We are human, so we can make mistakes. Even cautious people click on malicious attachments or links, says Jake Moore, a specialist at internet security company ESET. As the scams spread to social media, where many people may not be expecting to be contacted about tax details, and via direct messaging through Facebook and WhatsApp, there is one simple rule to remember - HMRC stresses it never uses any social media to offer a tax rebate, or ask for personal or financial information.
The scams do not always come in the enticing form of a promised rebate. Calls can be far more threatening, telling their target they owe money and will be arrested for tax fraud or have their bank account frozen within hours if they dont pay.
Be on the alert for automated calls. Ray Walsh from ProPrivacy.com particularly warns about accepting so-called robocalls, which aim to trick people into pressing a key on their keypad to connect to a caseworker to make a payment. Some have succeeded in adding charges to a victims phone bill simply by making them press a key.
Matthew Singleton, a Manchester-based finance professional, was targeted by scammers shortly before Christmas. He received a call from an 020 number and was taken through security. The scammer knew his name and address and told him he had underpaid his income tax.
They know what the trigger points are, and that if a call or email is out of the blue you can start to get flustered
When Singleton said it was a scam, he was told to Google HMRC and go to the contacts section of the site. The scammer said he would ring back from an 0300 number listed there. My phone then came up with this 0300 number the exact same number as on the HMRC website, says Singleton. He was told he could pay the amount owed more than 4,800 over the phone. There was no way I was doing that. I had not had any documentation. But I was told an arrest warrant would be issued within two hours of the call ending.
Singleton reported the scam to Action Fraud but believes HMRC could do more to increase awareness. When you Google HMRC, why cant it put a warning under its link to explain that this could happen? The safest thing is to warn people that even calls from recognised HMRC phone numbers may not be legitimate.
Joel Lewis, consumer policy manager at Age UK, agrees. I think HMRC should do a bit more to promote the fact these scams exist. We hear a lot about self-assessment deadlines, but not that you need to watch out because there are people pretending to be HMRC, he says.
The chief executive of cyber-security firm DynaRisk, Andrew Martin, says scammers can spoof any number new or old. In the case of text messages, scammers can alter the caller ID field to say HMRC. For phone calls, they alter it to show a number thats the same as another HMRC number.
The problem has led HMRC to work with the telecommunications industry and regulator Ofcom to prevent the cloning of genuine contacts. HMRC says it has seen a 94% reduction of phone scams spoofing genuine numbers since controls were introduced in April 2019. We have put in place pioneering new controls such as DNO [Do Not Originate] to prevent spoofing of the most used inbound helpline numbers, it says. During the past year, the teams work also instigated the removal of 1,921 unique numbers being used by scammers.
It says it is also working to raise awareness of scams via the media: We have a reporting channel which responded to nearly 200,000 calls from customers in the last year, and we maintain dedicated information on HMRC scams on the gov.uk educational pages.
Consumers are advised that if they receive a phone call from someone purporting to be from HMRC, they should end the call and phone back on a verified number. Check the HMRC website or use the number on a letter you have received in the past.
Be aware, however, that scammers can keep phone lines open, which means the original connection remains active even if the consumer has hung up. So always use a different phone to call back or wait 10 minutes if its the same line.
Crucially, HMRC will only contact customers due a refund by post. It will never be by phone, text or email, nor will consumers be asked for their PIN, password or bank details. Its advice is to watch out for spelling mistakes and grammatical errors in emails, as well as the use of threatening and urgent language such as you only have three days to reply.
Lewis says the tactics scammers use can be very effective and well-honed, and that it is important not to rush into anything. They know what the trigger points are for people and that if a call or email is out of the blue you can start to get flustered and make a rushed decision, rather than taking a moment to consider what it is you are being asked to do, he says. Dont respond immediately. There is never a need to do that. Ask for a second opinion from a family member or friend or someone else you trust.
Many phishing emails avoid using a persons name and opt for a generic greeting such as Dear customer. Check the from email address carefully, too. Some use random characters and can be easier to spot, but others may end in hmrc.gov.uk and appear more convincing.
Avoid opening the message and do not click on any links or PDF attachments.
Forward suspicious emails to firstname.lastname@example.org and texts to 60599. You can also contact Action Fraud on 0300 123 2040 Monday to Friday 8am to 8pm or use its online fraud reporting tool, particularly if you have lost money
View original post here:
How scammers take advantage of stressed-out taxpayers - The Guardian
- Russian Security Hacking the 'Internet of Things' - Byline Times - April 2nd, 2020
- Unpacking TikTok, Mobile Apps and National Security Risks - Lawfare - April 2nd, 2020
- CDN and cloud suppliers join routing security initiative - ComputerWeekly.com - April 2nd, 2020
- Setting up home-based office solutions busy business for Cape Breton company - The Telegram - April 2nd, 2020
- Society's Dependence on the Internet: 5 Cyber Issues the Coronavirus Lays Bare - Nextgov - April 2nd, 2020
- Open Source Code - The Future of User Privacy - Privacy News Online - April 2nd, 2020
- GLOBAL INTERNET SECURITY FIREWALL MARKET LATEST DEVELOPMENTS, SHARES, AND STRATEGIES EMPLOYED BY THE MAJOR PLAYERS - The Fuel Fox - March 30th, 2020
- Coronavirus Proves We Need the Internet Now More than Ever Before - The National Interest - March 30th, 2020
- The story behind that little padlock in your browser - Horizon magazine - March 30th, 2020
- Finder helps secure the Internet in a time of crisis - CMO - March 30th, 2020
- New Security Report from WatchGuard Shows Explosion in Evasive Malware - socPub - March 30th, 2020
- One senator wants vendors to ensure their internet connectivity devices are secure - fifthdomain.com - March 30th, 2020
- How a VPN works - The Upcoming - March 30th, 2020
- Cryptocurrency Wallets: Everything You Ever Wanted To Know - hackernoon.com - March 30th, 2020
- Sentrybay and Raqmiyat on delivering secure work from home solutions - Tahawul Tech - March 30th, 2020
- Dot-com price rises on their way over the next four years: ICANN approves Verisign contract, walks off with $20m - The Register - March 30th, 2020
- Global Internet Security Market Overview By Threats, Major Opportunities, Drivers, Risk Analysis and Trends - Sound On Sound Fest - March 30th, 2020
- These are the companies offering free software during the coronavirus crisis - IT PRO - March 30th, 2020
- The real insider threat is the use of security software - TechRadar - March 23rd, 2020
- EFF and COVID-19: Protecting Openness, Security, and Civil Liberties - EFF - March 23rd, 2020
- Preparing for November's election must be a national priority | TheHill - The Hill - March 23rd, 2020
- COVID-19 decoy doc, Cloudflare tools used to spread Blackwater malware - SC Magazine - March 23rd, 2020
- Technology saves the day as Kenyan firms send staff to work from home - The East African - March 23rd, 2020
- In Industrial Realm, Trustworthy Software Ensures - IoT World Today - March 23rd, 2020
- Security Software in Telecom Market is Growing Rapidly Due to Increasing Internet Penetration - Press Release - Digital Journal - March 23rd, 2020
- How safe is your brand in the hands of a remote workforce? - Bizcommunity.com - March 23rd, 2020
- Do Netflix And YouTube Really Need To Slash Video Quality To Save The Internet? - Forbes - March 23rd, 2020
- How Organizations Can Retain Talent Amidst the Infosec Skills Gap - tripwire.com - March 23rd, 2020
- Hackers are preying on fears of Covid-19, says cyber security experts - Hindustan Times - March 23rd, 2020
- These Jaw-Dropping Facts Will Change Your Mind About the Internet of Things - The Motley Fool - March 23rd, 2020
- Security Think Tank: Amid panic, how to find a sound level of security - ComputerWeekly.com - March 23rd, 2020
- As universities shut their doors, international students are left in limbo - The Verge - March 23rd, 2020
- Keeping content safe in the IP era | Industry Trends - IBC365 - March 23rd, 2020
- Students concerned with lack of internet access, job security in light of online transition - University of Virginia The Cavalier Daily - March 23rd, 2020
- How Safe is Your Brand in the Hands of a Remote Workforce? - Techfinancials.co.za - March 23rd, 2020
- US Bureau of Census : PRESS RELEASE | MARCH 20, 2020 Statement on 2020 Census Internet Response Security Precautions To protect the integrity of the... - March 23rd, 2020
- Fake coronavirus news is spreading faster than the virus - The Star Online - March 23rd, 2020
- Facebook didnt have to be this way - BusinessLine - March 23rd, 2020
- How Are Digital Natives Shaping the Future of Data Privacy? - Infosecurity Magazine - March 23rd, 2020
- Zero Trust Internet is the Answer - Infosecurity Magazine - March 23rd, 2020
- German government prepares for internet censorship and deployment of the armed forces - World Socialist Web Site - March 23rd, 2020
- Internet of Things (IoT) Security Technology Market Is Expected To Thrive At Impressive Cagr By 2027 Key Players:... - March 23rd, 2020
- Norton Secure VPN - The cocoon of cybersecurity - Blasting News United States - March 13th, 2020
- New rules proposed to boost security of home routers - The Straits Times - March 13th, 2020
- Leaders should act now to counter national security threat to US elections | TheHill - The Hill - March 13th, 2020
- Cybersecurity 2020: The Trends SMBs will Need to Prepare For - CISO MAG - March 13th, 2020
- Namecheap, EFF and the Dangerous Internet Wild West - CircleID - March 13th, 2020
- EARN IT Act threatens end-to-end encryption - Naked Security - March 13th, 2020
- Apples WWDC 2020 is on in a purely digital way - Pickr - March 13th, 2020
- The EARN IT Bill Is the Government's Plan to Scan Every Message Online - EFF - March 13th, 2020
- The pitfalls of being an influencer: What parents should know and do - We Live Security - March 13th, 2020
- 25 tips for navigating the internet today - Alton Telegraph - March 13th, 2020
- Interos Raises $17.5M from Venrock and Kleiner Perkins to Grow Third-Party Risk Management Platform - GlobeNewswire - March 13th, 2020
- Why Are Internet Security Standards Badly Deployed and What to Do About It? - CircleID - March 12th, 2020
- The Internet of Things is a security nightmare reveals latest real-world analysis: unencrypted traffic, network crossover, vulnerable OSes - The... - March 12th, 2020
- How The Internet Of Things Can Transform Workplace Safety | Baird Capital | Security News - SecurityInformed - March 12th, 2020
- The Internet Avoided a Minor Disaster Last Week - WIRED - March 12th, 2020
- Applying the 80/20 rule to cloud security - Help Net Security - March 12th, 2020
- Internet Security Audit Market Report 2020: Acute Analysis of Global Demand and Supply 2025 with Major Key Player: Symantec, Intel Security, IBM,... - March 12th, 2020
- The Hidden Dangers of China's Digital Silk Road - The National Interest - March 12th, 2020
- Students Showed Trend Micro a World Without the Internet - Business Wire - March 12th, 2020
- Android anti-virus products put to the test which are the best at stopping new malicious apps? - Graham Cluley Security News - March 12th, 2020
- Internet security Market 2020 | Applications, Challenges, Growth, Shares, Trends and Forecast To 2026 - Packaging News 24 - March 5th, 2020
- Eight ways to improve cyber-hygiene in the enterprise - Security Boulevard - March 5th, 2020
- The Top 8 Concerns for CISOs in 2020 - Security Boulevard - March 5th, 2020
- iboss Wins Customer Service Department of the Year - Computer Services Silver Award in the 2020 Stevie Awards for Sales and Customer Service - Yahoo... - March 5th, 2020
- 2020 Premium Ethical Hacking Certification Bundle Is Up For A Limited Time Discount Offer Avail Now - Wccftech - March 5th, 2020
- These are the first passwords hackers will try when attacking your device - ZDNet - March 5th, 2020
- US threatens to pull big techs immunities if child abuse isnt curbed - TechCrunch - March 5th, 2020
- Why SSL Encryption Will not Become a Victim of its Own Success - Infosecurity Magazine - March 5th, 2020
- Let's Encrypt: OK, maybe nuking three million HTTPS certs at once was a tad ambitious. Let's take time out - The Register - March 5th, 2020
- Modernizing Threat Management for the Evolving Attack Surfaces of OT, IoT and IoMT - Security Intelligence - March 5th, 2020
- Global Internet Security Audit Market Analysis, Key Insights, and Forecast 2025 By Application, Type, End User and Region - Feed Road - March 5th, 2020
- It has been 15 years, and we're still reporting homograph attacks web domains that stealthily use non-Latin characters to appear legit - The Register - March 5th, 2020
- WhatsApp Provides Information to Intelligence Services - What is the Safest Messenger? - Communal News - March 5th, 2020
- Dear passwords: Forget you. Here's what is going to protect us instead - USA TODAY - March 3rd, 2020
- Do these three things to protect your web security camera from hackers - ZDNet - March 3rd, 2020
- Internet security Market 2020 Analysis by Overview, Growth, Top Companies, Trends, Demand and Forecast to 2026 - Packaging News 24 - March 3rd, 2020
- Navigant Research Report Shows Global Annual Revenue for Home Automation and Security Is Expected to Reach $72 Billion in 2028 - Oklahoman.com - March 3rd, 2020
- NetAbstraction Announces Support for Private and Secure Access to the Dark Web - Yahoo Finance - March 3rd, 2020