How to Spot a Fake HMRC Email
Scam emails are designed to fool the recipient into disclosing personal information that can be potentially used for financial gain. The are sometimes referred to as ‘phishing’ and they are becoming an increasingly common strategy of fraudsters due to its effectiveness.
Phishing is a way scammers try to steal your identity and gain access to user names and passwords, usually with the aim of stealing money from your accounts online.
These emails can sometimes look very realistic so can easily trick you into thinking they are from an official HMRC source.
HMRC’s guidance on this is that they will never use emails or texts to do either of these:
- tell you about a tax rebate or penalty
- ask for personal or payment information
So if you have received an email saying you are due a tax refund this is a scam!
HMRC have actually compiled a list of example bogus communications which you can find here. This is an excellent list, which will give you an idea of what to avoid.
If you think you have received a HMRC related phishing/scam email or text message you should follow this advice:
- Do not open any attachments in the email or click on any links
- Never give out sensitive information such as user names, bank details and passwords
- Report it to HMRC
How can I spot a spam email?
You can often tell a spam email because:
- the sender’s email or web address is different to the genuine organisation’s addresses
- the email is sent from a completely different address or a free web mail address
- the email does not use your proper name, but uses a non-specific greeting such as ‘dear customer’
- the email threatens that unless you act immediately your account may be closed
- you’re asked for personal information, such as your username, password or bank details
- the email contains spelling and grammatical errors
- you weren’t expecting to get an email from the company that appears to have sent it
- the entire text of the email is contained within an image rather than text format
- the image contains a link to a bogus website