Scams are EVERYWHERE nowadays and they look extremely realistic, so it can be very easy to be enticed by these cyber-criminals! In this blog we are going to show you screenshots of an “HMRC Tax Refund” email, with a message ID, a malicious link and the amount of money that you are “owed”. It was actually received by one of our employees at their personal email address (which is why it is blanked out).
People who work in the IT industry may think ‘I already know this!’, but do your family and friends who do not know about cyber-crime and these scams? A crazy amount of people do click on the malicious links, and here we explain how you, your friends and family can avoid them. Bear in mind, if phishing or any other cyber-crime did not work… there would be no incidents…
Let’s get started… this is the original email:
Below is a snip of each part of the email you should look at to help you recognise that it is not legitimate:
1. Although the name may say HMRC Services, anyone can set up an email account with any name they like; however, they cannot register an email address belonging to the legitimate organisation they are pretending to be. As you can see above, the email address is [email protected].
2. The subject line in this email says “Tax Refund” with a ‘message ID number’ to make it look legitimate. The email then addresses your email address, not you by name (which shows that it is a bulk email sent out to multiple email addresses). After this comes the promise that HMRC owe you a large amount of money. Cyber-criminals do this to entice people into following their instructions.
3. The above then takes a threatening tone to ensure you follow their instructions. Many people will believe this because they do not want to be on the wrong side of the law, nor do they want to worry that their income tax will be higher. This is followed by a promise of receiving money quickly (who doesn’t want an extra £4729.91?!).
4. Here it is… the link… the fake and malicious link promising payment today asking you to follow instructions on your screen. Do not click on these links but IF you do by accident – NEVER fill in any of the information it asks of you.
5. The explanation of why you have paid too much tax is one everyone will know, so again this appears legitimate. ‘If you don’t complete the required form, you will not receive your refund’ – another little push for you to provide information.
6. ‘HMRC help and support for landlords’ – our colleague is not a Landlord nor has ever been.
7. Having no contact details is concerning; however, even if there are contact details, this does not mean the email is legitimate. Why would HMRC not have contact details?
We inspected the link (not advised unless inspecting within a secure environment) and the below is how the form looked…
8. All looks well, doesn’t it? Apart from the website at the top and the details it is asking you to have to hand to provide. Do not click on birdsong; it is not a secure website.
9. As you can see from the form, it is asking for personal information. Should you provide these answers, some of them can be used to reset your accounts, such as email. If all of your accounts, such as online banking, shopping sites, social media etc., are linked to this email, the cyber-criminals can hack all of those. Mother’s maiden name has absolutely nothing to do with your tax; it is, however, a lot of people’s memorable information… The form also states the amount is £240.00, which is different to the amount they “owed” our colleague. Could this possibly be the amount they will scam the victim for?
10. We didn’t go on to the next part of the form; however, it will ask for your banking details.
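The email checks from points 1, 2, 4 and 5 above can be written as a small mail filter. This is an added example, not part of the original post; the sample message, the `gov.uk` trusted domain, the pressure phrases and the function names are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumptions for this example: the trusted domain and the phrase list are illustrative.
TRUSTED_DOMAIN = "gov.uk"
BRAND_WORDS = ("hmrc", "hm revenue")
PRESSURE = re.compile(r"will not receive|failure to|immediately", re.I)

# Constructed sample message; every address, ID and URL is a made-up placeholder.
SAMPLE = """\
From: HMRC Services <refunds@mailer.example>
To: jane.doe@example.org
Subject: Tax Refund - Message ID 000000

Dear jane.doe@example.org,
You are owed a refund. Complete the form today or you will not receive it:
http://refund-form.example/claim
"""

def on_domain(host, domain):
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def red_flags(raw):
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    _, rcpt = parseaddr(msg.get("To", ""))
    body = msg.get_payload()
    sender_host = addr.rpartition("@")[2]
    flags = []
    # Point 1: the display name claims the brand but the address is elsewhere.
    if any(w in name.lower() for w in BRAND_WORDS) and not on_domain(sender_host, TRUSTED_DOMAIN):
        flags.append("display-name-mismatch")
    # Point 2: greeted by email address rather than by name (bulk mail).
    if rcpt and re.search(r"(?im)^\s*(dear|hello|hi)\s+" + re.escape(rcpt), body):
        flags.append("greeted-by-email-address")
    # Point 4: links that lead away from the trusted domain.
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        host = urlparse(url).hostname
        if not on_domain(host, TRUSTED_DOMAIN):
            flags.append("untrusted-link:" + str(host))
    # Point 5: wording that pushes the reader to act.
    if PRESSURE.search(body):
        flags.append("pressure-wording")
    return flags

if __name__ == "__main__":
    print("\n".join(red_flags(SAMPLE)))
```

A message that raises no flags is not proven genuine; as point 7 says, the presence of expected details does not make an email legitimate.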
CONCLUSION
Our advice is to always be wary, look for all of the pointers we have provided you with, never provide personal information and, if you are unsure, call the company the email has supposedly come from. It is better to be safe than sorry. You can report all phishing (email scams) here or by emailing [email protected].