HMRC has published guidance to help taxpayers distinguish between genuine correspondence from HMRC and fraudulent “phishing” e-mails sent by online scammers. It features an up to date list of communication methods that HMRC uses, along with a list of warning signs and details of what to do with any suspicious messages. According to the guidance there are six key “tells” that indicate an e-mail is fraudulent:
- an incorrect “from” address;
- the use of a common greeting such as “dear sir” or “dear madam”;
- requests for personal information;
- a request for urgent action, such as “reply within three days”;
- links to bogus websites;
- the presence of one or more attachments.
E-mail addresses that are frequently used by scammers to trick recipients into believing an e-mail is genuine include firstname.lastname@example.org, email@example.com adn firstname.lastname@example.org. Suspicious e-mails should be forwarded to HMRC via email@example.com and if you think you might have given any personal information to scammers contact HMRC via firstname.lastname@example.org, providing a description of the details disclosed, but not the actual details.
The guidance is can be found at http://bit.ly/1zS4WZh