HMRC takes down record number of malicious websites in scam crackdown
Deploying new technology has also led to a dramatic reduction in the number of fake texts, according to figures
HMRC has requested the takedown of more than 20,000 malicious websites in the past 12 months, but has warned organisations and the public to remain vigilant.
The crackdown on scams and malicious sites has seen a 29% increase in the number of takedown requests made last year - 20,750 against 16,069 between June 2016 and 2017 - according to figures released by the department.
HMRC has also claimed to have saved the public more than 2.4 million by tackling a method by which fraudsters lure the public into calling premium phone lines listed on fake website resembling the department's - pinning its overall increase in output on a handful of new technologies it has deployed.
"HMRC is cracking down harder than ever, as these latest figures show," said Mel Stride MP, the financial secretary to the treasury.
"But we need the public's help as well. By doing the right thing and reporting suspicious messages you will not only protect yourself, you will protect other potential victims."
The department has trialled a new technology that stops phishing texts from being delivered, identifies these scams with 'tags' suggesting they are from HMRC. It has recorded a 90% reduction in reports of fake HMRC texts.
Meanwhile, the department implemented an email verification system, dubbed DMARC, that gives its emails an added layer of credibility against a wave of fake emails designed to resemble HMRC, often aimed at tricking recipients into handing personal information.
Since DMARC was introduced in 2016, HMRC said, there has been approximately half a billion phishing emails blocked, with the most common type of scam email or text message informing the recipient they are due a 'tax refund'. The department said it does not offer tax refunds via such means.
Meanwhile, HMRC has released a catalogue of known phishing attacks to help organisations and members of the public who may be targeted to report any malicious activity they may come across.
Citing a wide range of activity, the department highlighted rebate scams, bogus phone calls and social media scams as being particularly prevalent, and recommended the public forward all potentially malicious activity found to email@example.com.
The essential guide to cloud-based backup and disaster recovery
Support business continuity by building a holistic emergency planDownload now
Trends in modern data protection
A comprehensive view of the data protection landscapeDownload now
How do vulnerabilities get into software?
90% of security incidents result from exploits against defects in softwareDownload now
Delivering the future of work - now
The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.Download now