Cyber criminals try swiping email logins and bank data in single HRMC phishing scam

The hackers ask for every piece of your personal data including name, address, mother's maiden name bank and card details

HMRC branded email used to fuel scam

MalwareBytes has uncovered an HMRC phishing scam that aims to swipe taxpayers' personal details (including mother's maiden name) and card details.

The hackers send an email to victims, claiming to be from HMRC regarding a tax refund. The email specifies how much is due as a refund (around the 500 mark) and says that the refund claim deadline falls on the date of the email - prompting anyone wanting to get their money back to click on it immediately.

The victim is then taken to a login screen where they are asked to enter their login details via "HMRC's gateway portal" - suspiciously looking like an Outlook email login page (giving the criminals their email address and password) and this is forwarded to a form where they're asked to enter personal information.

Details requested here are name, address, phone number, date of birth and mother's maiden name. This information is seemingly checked against some sort of database so the scammers can make sure the details look as though they're genuine. If they don't pass the validation, the victim is unable to enter their card details, which appears at the bottom of the form.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Once the personal details are shown to be at least believably correct, the victim is prompted to enter the details of the card they wish their refund to be sent to, including expiry date and CVV number. What should set alarm bells ringing if the huge amount of data already requested isn't enough to flag it as a scam, is that the criminals also ask for a sort code and bank account number too - pretty much exposing every piece of personal data they could possibly ask for.

"While these scams tend to experience a boom period during tax season (in this case, around April for the US and UK), there's nothing preventing scammers from firing these out at other times of the year," MalwareBytes' Chris Boyd, lead malware intelligence analyst at Malwarebytes said. "In fact, it might be more of a benefit for them to do so. Recipients may be more likely to have their guard down due to the lack of "fake tax refund" articles making the rounds. Out of sight, out of mind and all that."

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Most Popular

Visit/operating-systems/microsoft-windows/354297/this-exploit-could-give-users-free-windows-7-updates
Microsoft Windows

This exploit could give users free Windows 7 updates beyond 2020

9 Dec 2019
Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/business/business-strategy/354304/ex-apple-cpu-architect-accuses-the-firm-of-invading-privacy
Business strategy

Ex-Apple CPU architect accuses the firm of invading privacy

10 Dec 2019