Ever since emails were first invented, phishing scam emails have been hot on their heels – with the first ever spam being sent in 1978! In fact, research says that around 48.16% of all email traffic worldwide is made up of scams, phishing emails and spam. And over so many years, the average consumer has gotten wise to a lot of the old tricks. Most of us can now see that an email from a rich Nigerian prince asking for money is a scam, and just delete the email. So the scammers started to take a different approach, and started impersonating businesses. But not just any businesses – big businesses that we would be likely to trust. Businesses like Amazon, Royal Mail and PayPal have all been subject to identity appropriation. Even national institutions like HMRC have been impersonated. So, how can you hope to avoid the phishing scams?
What Is A Phishing Scam?
Scammers have long been creating sophisticated scam emails designed to imitate a company down to the last detail. At first glance, a scam email might be indistinguishable from a real one from that company. It will use their logo, try to imitate their wording, and even format the email in the same style as the real ones. These emails will often try to tell you that you are due a refund, and that you must contact them to claim it. It will give you an email address to reply to, a link to a website to fill in your details, or a phone number to call to process your refund. They may also try to get you to click links that will install malware on your computer, or tell you that you’ve won some money, but ask you to send them a small amount of money as an ‘admin’ charge. All of these avenues will lead back to a scammer, who will proceed to take your bank details and personal information. This could then be used to steal from you, steal your identity or sold on the black market.
How Do I Know If My HMRC Email Is A Scam?
HMRC isn’t in the habit of sending a lot of emails. Generally, your correspondence from them will come in that familiar brown envelope (though they are starting to move into the digital space). So an email from HMRC that you aren’t expecting should be a surprise in itself. In terms of recognising a spam email, it’s pretty easy when you know what to look for. All of those details we mentioned earlier, that scammers try to imitate perfectly? The logos and formatting? That is their downfall. For all of the attention to detail, there are always some tell-tale signs. Look out for logos that don’t look quite right, and make sure you check the footer for odd links or messages.
Spelling and grammar mistakes are always a sure-fire sign that the email isn’t genuine as well, as HMRC employs people to make sure these things are correct! If you’re still not sure, it’s worth checking the ‘from’ email address. Most of the time, this will be to something very odd and obscure, or even a personal email account. This is the biggest tell for phishing emails, short of suspicious links (which of course you should never click). If the email doesn’t use a name, but instead a generic ‘dear customer’, this is a pretty sure sign as well, along with the entire email being an image, and not text.
As a general rule, HMRC will never use emails or texts to tell you about a tax rebate or penalty, or to ask for personal payment information. So if you get an email asking for either of those things, it’s almost guaranteed to be a scam. If you receive one of these, the advice is to:
- Not open any attachments, or click any links in the email
- Don’t give out any sensitive information, like usernames, bank details or passwords
- Forward it on to phishing@hmrc.gsi.gov.uk, who will be able to tell you if it’s real or not and advise you on what to do next
Phishing emails are an unfortunate reality of such a hyper-connected world, and we have no doubt that more and more of them will continue to pop up. As a business owner, you are unfortunately a prime target for scammers at the moment. Businesses typically have greater cash reserves than individuals and stronger buying power, making them a more attractive prospect. So it’s important for you to be vigilant and aware of the warning signs, especially when it comes to dealings with HMRC. If you would like to find out more about protecting yourself and your business from scammers, please do get in touch with us to find out more