How HMRC fends off phishing attacks

An email protocol protects taxpayers from 99% of malicious spam

HMRC has found a "panacea" for phishing attacks by adopting an email protocol called DMARC, achieving a 99% success rate in blocking malicious spam.

Scammers regularly target HMRC tax returns, sending phishing emails masquerading as HMRC messages to self-employed people in order to trick them into handing over the sensitive personal and financial data they would normally send to HMRC during a tax return.


But the protocol, which stands for Domain-based Message Authentication, Reporting and Conformance, has put criminals off targeting users of the tax body, its head of cyber security, Ed Tucker, told attendees of InfoSecurity Europe 2017 today.

"DMARC has had a massive impact on criminals' behaviour," he said. "There is no return on investment for criminals to attack HMRC."

In deploying the technology, the most marked effect has come from switching to a DMARC policy setting called "p=reject". This is the strongest policy within DMARC, and led to people receiving 300 million fewer phishing emails in 2016.

The policy instructs receiving email providers to carry out checks on where an email has come from and to reject anything suspicious.
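To make the effect of "p=reject" concrete, the following added example (not from the article or from HMRC) parses a DMARC TXT record and shows how a receiver would treat the same spoofed message under a monitoring policy and under "p=reject". The domains and records are constructed samples, and relaxed alignment is simplified to a parent/child domain match, where real receivers compare organisational domains using the Public Suffix List.

```python
# Added example. Domains and records are constructed samples (.example is reserved).

def parse_dmarc(txt):
    """Parse a DMARC TXT record (RFC 7489 'tag=value;' list) into a dict."""
    pairs = [p.split("=", 1) for p in txt.split(";") if "=" in p]
    tags = {k.strip().lower(): v.strip() for k, v in pairs}
    first = pairs[0] if pairs else ("", "")
    if first[0].strip().lower() != "v" or first[1].strip() != "DMARC1":
        raise ValueError("record must start with v=DMARC1")
    if tags.get("p", "").lower() not in ("none", "quarantine", "reject"):
        raise ValueError("missing or invalid p= tag")
    tags["p"] = tags["p"].lower()
    return tags


def aligned(auth_domain, from_domain, mode):
    """Identifier alignment: mode 's' is strict (exact match), 'r' is relaxed.
    Simplification: relaxed is treated as a parent/child match; real
    receivers compare organisational domains via the Public Suffix List."""
    if auth_domain is None:
        return False
    a, f = auth_domain.lower().rstrip("."), from_domain.lower().rstrip(".")
    if a == f:
        return True
    return mode.lower() != "s" and (a.endswith("." + f) or f.endswith("." + a))


def disposition(record, from_domain, spf_domain=None, dkim_domain=None):
    """Receiver action for a message whose From: header uses from_domain.
    spf_domain / dkim_domain are the domains that PASSED SPF / DKIM, or None."""
    tags = parse_dmarc(record)
    ok = (aligned(spf_domain, from_domain, tags.get("aspf", "r")) or
          aligned(dkim_domain, from_domain, tags.get("adkim", "r")))
    if ok:
        return "deliver"
    # p=none requests no DMARC-driven action, so the message is still delivered.
    return {"none": "deliver", "quarantine": "quarantine", "reject": "reject"}[tags["p"]]


MONITOR = "v=DMARC1; p=none; rua=mailto:dmarc@tax.example"    # reports only
ENFORCE = "v=DMARC1; p=reject; rua=mailto:dmarc@tax.example"  # strongest policy

# Spoofed mail: From: claims tax.example, but SPF passed only for another domain.
print(disposition(MONITOR, "tax.example", spf_domain="bulk-mailer.example"))
print(disposition(ENFORCE, "tax.example", spf_domain="bulk-mailer.example"))
# Legitimate mail signed by the domain's own mail host passes under p=reject.
print(disposition(ENFORCE, "tax.example", dkim_domain="mail.tax.example"))
```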

But the protocol can also help other organisations build up a "herd immunity", according to Neil Hammet, email security product specialist at Proofpoint. "Once everyone is covered, criminals will go some place else," he explained.


He admitted that coverage in the UK was not complete but said that government agencies in the country were leading the way in stopping phishing emails.

While stopping phishing attacks via email had been a clear success for Tucker, he said that efforts still had to be made against other forms of phishing. For example, there is currently no effective means of stopping phishing via SMS messages. Tucker said he was working closely with Vodafone and the GSMA to combat these types of attack.
