HMRC website targeted by phishing attacks
By Asavin Wattanajantra
Consumers and businesses are being targeted by phishing emails that pretend to be from HMRC and try to get users to enter confidential credit card details.
Potential victims would receive an email claiming to be from Her Majesty’s Revenue and Customs (HMRC) and offering a link which pretends to lead to HMRC but in fact points to a page hosted on a Chinese website.
The page would look identical to the HMRC website and would prompt you to enter your full name, date of birth and so on. If you followed it through to the section that asks about giving you a tax refund, it would ask for credit card details and, when the process was finished, send you to the real HMRC website.
“The only thing that would arouse any suspicion would be the actual address at the top of the website, which would clearly be from a Chinese domain,” said Paul Wood, senior analyst for MessageLabs, who discovered the attack.
“If you are looking at the information, that should raise alarm bells straight away. There have been more sophisticated attacks with techniques to hide [the address] so it wouldn’t be difficult to make this more convincing.”
MessageLabs said the attacks took place over a three-day period starting from 30 June, with 33,000 emails addressed mainly to UK recipients. Wood said that the attacks were very similar to spoofing attacks in the US at the beginning of the year, which followed the same tax return pattern.
“The HMRC attacks had a remarkable resemblance to the attacks we had already seen targeting the US, so much so that the content of the message was identical.”
Wood said the nature of the phishing suggested that criminals were using a kit which could ‘screen scrape’ the website so they had a landing page which they could use to conduct the phishing attack.
It also looked like they were using the same email templates they had used for the previous US attack. Wood said: “It means they are raising the bar when it comes to phishing attacks.
“You don’t have to be technically advanced to do this. You could take one of these toolkits and do it yourself by pressing the right buttons, which will do the job for you.”