The con artists behind the HMRC tax refund fraud have recently switched their tactic from sending emails and text messages to cold calling potential victims.
Beyond doubt, an unexpected notification about a tax rebate of several hundred pounds can make anyone’s day. Cybercriminals and ill-minded social engineers are perfectly well aware of this, which is why they keep contriving intricate stratagems that exploit human error and gullibility. A lot of people living in the United Kingdom have encountered this type of hoax since early 2015. The scammers have been sending out numerous deceptive emails and phone text messages, supposedly on behalf of HMRC (Her Majesty’s Revenue and Customs), with roughly the following contents: “After the last annual calculations of your fiscal activity, we have determined that you are eligible to receive a tax refund of 268.50 GBP. Please submit the tax refund request and have your tax refund sent to your bank account in due time.” The amount of money may vary, but it’s usually on the order of £200-£400.
The idea of this scam is to persuade users to follow a link that says “Get Started”, “Click Here”, “Create a government gateway”, or “Press here to provide us with your settlement method”. Once this is done, the person will be rerouted to a bogus refund form. When on the spoof page, the targeted user is supposed to fill out their personally identifiable details, including their name, date of birth, address, city, and most importantly, the account and card number, the card’s expiry date, security code and the estimate balance. The totality of this information may suffice to withdraw funds from a bank account these days, which explains why the fraudsters are conducting this whole campaign in the first place.
Another subtype of the HMRC scam, which has been on the rise recently, is phone calls. The perpetrators contact unsuspecting people over telephone, pretending to represent HMRC and notifying them of unpaid taxes. The impostors wrongfully claim that the person has to send a certain amount of tax money in iTunes or Argos gift cards, otherwise the case goes to court and they will be arrested. The way the extortionists reach people is through cold calls, voicemail, and text messages. Some victims have reportedly provided the bad guys with codes for gift cards worth thousands of pounds.
In light of these ongoing scams, HMRC officials have emphasized that the government organization will never inform citizens about tax refunds or ask them for sensitive personal and financial details via email or phone. Furthermore, the institution has taken down around 14,000 phishing websites related to this hoax and blocked 8 million scam emails since April 2015. To win this battle, though, some extra prudence should be exercised on British taxpayers’ end. It’s imperative to refrain from handing over sensitive details on rogue HMRC online forms and providing iTunes or Argos gift card codes to the malefactors when contacted by phone.
Scan your PC for HMRC scam related virus
The links in rogue HMRC tax refund notification emails may point to exploit kits and ransomware drive-by downloads. To ascertain that no malware ended up inside your computer this way, consider checking it for all types of infections. The recommended software can quickly locate threats, eradicate them and remediate all harmful changes. So go ahead and do the following:
1. Download and install the antimalware tool. Open the solution and have it check your PC for all strains of malicious software by clicking the Start Computer Scan button
2. Rest assured the scan report will list all items that may harm your operating system. Select the detected entries and click Fix Threats to get the troubleshooting completed.
- Petya ransomware removal and system recovery (upd. June 27)
- Sorebrect ransomware – fileless malware exploits PsExec utility
- Remove MOLE02 ransomware virus and decrypt .mole02 files (upd. June 15)
- Erebus ransomware infects Linux web servers in South Korea
- Decrypt .master ransomware files – BTCWare virus variant