Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Monday, 6 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

It's Tax Time Again – and phishers are casting their lines

by The Gurus
July 30, 2015
in News
Share on FacebookShare on Twitter

By Troy Gill, manager of security research at AppRiver

Self-employment in the UK is currently at its highest level since records began according the Office of National Statistics, with 4.6 million people working for themselves. Many are preparing to make a tax payment on account ahead of the 31 July deadline. And that means phishers are casting their lines in the hope to catch one or two.
The days before the deadline phishers will often try to spoof users into believing a reminder email to make a payment is legitimate. However, its after the deadline has passed that tends to see a flurry of activity as scammers send messages suggesting payments have failed, or that there has been a problem and additional information is needed for clarification.  Another regular scam seen circulating is the claim that an overpayment has been made and therefore a refund is due, with the recipient encouraged to input their bank details for the money to be returned.
HMRC Scam email
 
One example of a fraudulent e-mail. It contains a link which takes users to a deceptive web page that looks like it’s part of HMRC. (click to enlarge image)
Over the years we have seen hundreds of these tax-themed email campaigns, attempting to dupe users. The majority of messages contain malware as an attachment or use a URL that leads to a malicious payload.
So, what can you do to stay safe this tax season?

  • Keep your Browser and Operating System up to date. Both receive frequent updates, many of which include fixes for vulnerabilities that could be used in an attack against an innocent taxpayer.
  • Online fraudsters (a.k.a. “phishers”) will attempt to contact taxpayers via email. While it would be nice to say that HMRC will never send you an email, that isn’t always the case. Instead, to help identify what’s real and what isn’t, HMRC publishes a list of contact letters and emails to check against. The most recent can be viewed here: https://www.gov.uk/government/publications/genuine-hmrc-contact-and-recognising-phishing-emails/genuine-hmrc-contact-and-recognising-phishing-emails.
  • Never click on a link, or an attachment, from an unsolicited email.
  • HMRC will never ask for PIN numbers or credit card information in an email.
  • Never conduct unsecured transactions that include any account or password information over public wifi hotspots – including airports, hotels, libraries, restaurants, cafes, or other locations, particularly those offering WiFi free of charge.
  • Always and completely log out of sensitive sites. It is possible for an attacker to hijack a session that has been left open.
  • Try not to use the same computer that the children do for any sensitive transactions – such as online banking, filing tax returns, etc. A good portion of online scams and spam target today’s younger generation of Internet users.
  • Remain vigilant and try to use simple logic – if it seems too good to be true, and it is sitting in your inbox, delete it. Especially if it is from someone you did not initiate contact with.
  • Before entering sensitive information into a website, look for the security padlock symbol in the address bar.
  • Create strong and unique passwords for sensitive sites; choose passwords that are complex and utilize a combination of upper and lower case letters, numbers and symbols.
  • Limit Your Exposure Through E-mail and Web. It is perhaps online behaviour that bears the most scrutiny. Mitigating the risk through the use of a reliable e-mail and Web filtering solutions are essential.

As HMRC increasingly encourages users to file their taxes electronically, and make payments via the online portal, scammers will try to capitalise on unsuspecting individuals. While paying taxes isn’t always popular, it is one of life’s certainties – that and dying. However, being swindled by fraudsters doesn’t have to be.

FacebookTweetLinkedIn
Tags: CybercybersecurityemailfinancefraudHackHackerhackingHMRCinfosecinfosecurityit securityofficephisingScamtaxThreat
ShareTweetShare
Previous Post

Fred Touchette on Malicious Macros

Next Post

Russian Trojan on the move in East Europe

Recent News

Phone with app store open

$400,000 Fine for Stalkerware App Developer

February 6, 2023
london-skyline-canary-wharf

Ransomware attack halts London trading

February 3, 2023
Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

February 2, 2023
JD Sports admits data breach

JD Sports admits data breach

January 31, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information