
HMRC website targeted by phishing attacks

Criminals are targeting UK users with phishing attacks that pretend to come from HMRC and offer you tax return money.

Consumers and businesses are being targeted by phishing emails pretending to be from HMRC, which are trying to get users to input confidential credit card details.

Potential victims would receive an email claiming to be from Her Majesty's Revenue and Customs (HMRC) and offering a link which pretends to lead to HMRC but is in fact hosted on a Chinese website.

The page would be identical to the HMRC website and would prompt you to enter your full name, date of birth and so on. If you followed it through to the section about giving you a tax refund, it would ask for credit card details and, when the process was finished, send you to the real HMRC website.

"The only thing that would arouse any suspicion would be the actual address at the top of the website, which would clearly be from a Chinese domain," said Paul Wood, senior analyst for MessageLabs, who discovered the attack.

"If you are looking at the information, that should raise alarm bells straight away. There have been more sophisticated attacks with techniques to hide [the address] so it wouldn't be difficult to make this more convincing."

MessageLabs said the attacks took place over a three-day period starting from 30 June, with 33,000 emails addressed mainly to UK recipients. Wood said that the attacks were very similar to US spoofing attacks at the beginning of the year, which followed the same tax return pattern.

"The HMRC attacks had a remarkable resemblance to the attacks we had already seen targeting the US, so much so that the content of the message was identical."

Wood said the nature of the phishing suggested that criminals were using a kit which could 'screen scrape' the website, giving them a landing page which they could use to conduct the phishing attack.

It also looked like they were using the same email templates they had used for the previous US attack. Wood said: "It means they are raising the bar when it comes to phishing attacks.

"You don't have to be technically advanced to do this. You could take one of these toolkits and do it yourself by pressing the right buttons, which will do the job for you."

