HMRC takes down record number of malicious websites in scam crackdown
Deploying new technology has also led to a dramatic reduction in the number of fake texts, according to figures
HMRC has requested the takedown of more than 20,000 malicious websites in the past 12 months, but has warned organisations and the public to remain vigilant.
The crackdown on scams and malicious sites has seen a 29% increase in the number of takedown requests made last year - 20,750 against 16,069 between June 2016 and 2017 - according to figures released by the department.
HMRC has also claimed to have saved the public more than 2.4 million by tackling a method by which fraudsters lure the public into calling premium phone lines listed on fake website resembling the department's - pinning its overall increase in output on a handful of new technologies it has deployed.
"HMRC is cracking down harder than ever, as these latest figures show," said Mel Stride MP, the financial secretary to the treasury.
"But we need the public's help as well. By doing the right thing and reporting suspicious messages you will not only protect yourself, you will protect other potential victims."
The department has trialled a new technology that stops phishing texts from being delivered, identifies these scams with 'tags' suggesting they are from HMRC. It has recorded a 90% reduction in reports of fake HMRC texts.
Meanwhile, the department implemented an email verification system, dubbed DMARC, that gives its emails an added layer of credibility against a wave of fake emails designed to resemble HMRC, often aimed at tricking recipients into handing personal information.
Since DMARC was introduced in 2016, HMRC said, there has been approximately half a billion phishing emails blocked, with the most common type of scam email or text message informing the recipient they are due a 'tax refund'. The department said it does not offer tax refunds via such means.
Meanwhile, HMRC has released a catalogue of known phishing attacks to help organisations and members of the public who may be targeted to report any malicious activity they may come across.
Citing a wide range of activity, the department highlighted rebate scams, bogus phone calls and social media scams as being particularly prevalent, and recommended the public forward all potentially malicious activity found to email@example.com.
Four cyber security essentials that your board of directors wants to know
The insights to help you deliver what they needDownload now
Data: A resource much too valuable to leave unprotected
Protect your data to protect your companyDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now