Cyber criminals try swiping email logins and bank data in single HRMC phishing scam

The hackers ask for every piece of your personal data including name, address, mother's maiden name bank and card details

HMRC branded email used to fuel scam

MalwareBytes has uncovered an HMRC phishing scam that aims to swipe taxpayers' personal details (including mother's maiden name) and card details.

The hackers send an email to victims, claiming to be from HMRC regarding a tax refund. The email specifies how much is due as a refund (around the 500 mark) and says that the refund claim deadline falls on the date of the email - prompting anyone wanting to get their money back to click on it immediately.

The victim is then taken to a login screen where they are asked to enter their login details via "HMRC's gateway portal" - suspiciously looking like an Outlook email login page (giving the criminals their email address and password) and this is forwarded to a form where they're asked to enter personal information.

Details requested here are name, address, phone number, date of birth and mother's maiden name. This information is seemingly checked against some sort of database so the scammers can make sure the details look as though they're genuine. If they don't pass the validation, the victim is unable to enter their card details, which appears at the bottom of the form.

Advertisement - Article continues below
Advertisement - Article continues below

Once the personal details are shown to be at least believably correct, the victim is prompted to enter the details of the card they wish their refund to be sent to, including expiry date and CVV number. What should set alarm bells ringing if the huge amount of data already requested isn't enough to flag it as a scam, is that the criminals also ask for a sort code and bank account number too - pretty much exposing every piece of personal data they could possibly ask for.

"While these scams tend to experience a boom period during tax season (in this case, around April for the US and UK), there's nothing preventing scammers from firing these out at other times of the year," MalwareBytes' Chris Boyd, lead malware intelligence analyst at Malwarebytes said. "In fact, it might be more of a benefit for them to do so. Recipients may be more likely to have their guard down due to the lack of "fake tax refund" articles making the rounds. Out of sight, out of mind and all that."

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now

Most Popular

operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
General Data Protection Regulation (GDPR)

Data protection fines hit £100m during first 18 months of GDPR

20 Jan 2020