- More than 20,000 malicious websites were ordered to be taken down in a crackdown against fraudsters
- Public have been advised to remain alert against typical website scams, particularly those that impersonate the HMRC
Britain’s tax authority - Her Majesty’s Revenue and Customs (HMRC) said it requested the takedown of 20,750 fake websites over the past 12 months in a major crackdown on online fraudsters. The tax authority also warned that the malicious website count has has increased by 29% from 2017 and urged taxpayers to remain alert to online crooks eager to dupe victims out of substantial amounts of money.
The warning also comes as Scams Awareness Month that was run by Citizens Advice in June, came to a close.
“Tax Refund” phishing emails and text messages
Emails and text messages that suspiciously ask you to log into a website to get your tax refund are always fake. Additionally, messages that ask people to provide their personal information, PIN, password or bank details are also fraudulent, authorities said.
“Genuine organisations like banks and HMRC will never contact people out of the blue to ask for their PIN, password or bank details. So people should never give out private information, download attachments, or click on links in emails and messages they weren’t expecting,” authorities said.
“HMRC has brought in cutting edge technology to tackle cyber-crime and target fraudsters. However, the public needs to be aware and report phishing attempts to truly defeat the criminals.”
Protecting the public against online fraudsters
“Scammers create websites that look similar to HMRC’s official site and then direct the public to call numbers with extortionate costs. HMRC has successfully challenged the ownership of these websites, masquerading as official websites, and taken them out of the hands of cheats,” authorities said. “HMRC is working with the National Cyber Security Centre to further this work and extend the benefits beyond HMRC customers.”
The HMRC said it has “saved the public over £2.4m by tackling fraudsters that trick the public into using premium rate phone numbers for services that HMRC provide for free".
In November 2016, the HMRC began using the free Domain-based Message Authentication, Reporting and Conformance (DMARC) verification system that is designed to prevent spoofing and verify if an email is coming from a genuine source.
Since April 2017, the HMRC has been trialling new technology to identify phishing texts with “tags” that suggest they are coming from the HMRC and stop them from being delivered. The agency said there has been a “a 90% reduction in people reporting spoof HMRC-related texts.”
The agency’s cybersecurity team was awarded the Cyber Resilience Innovation of the Year Award in the Digital Leaders (DL100) Awards for its efforts.
"HMRC is cracking down harder than ever, as these latest figures show,” Treasury Minister Mel Stride said in a statement. “But we need the public's help as well. By doing the right thing and reporting suspicious messages you will not only protect yourself, you will protect other potential victims."