Submitted by Sestini & Co
| on Fri, 10/14/2016 - 7:30 | In digital tax
Fraudsters know that HMRC regularly sends out letters telling companies and individuals about their tax deadlines and reminding them of their obligations.
These unscrupulous people also know that we’re moving to a digital age where more and more is being done online, including a move towards digital tax. In September 2016 the five millionth customer registered for the digital Personal Tax Account (see our blog on digital tax for more information).
Unfortunately con artists are preying on these moves by sending out very plausible-looking scam emails, text messages and even making telephone calls.
They’re purporting to be genuine HMRC employees to seek personal information to use to gain access to bank accounts or to gather personal information for nefarious purposes. Some will even quote a unique tax reference number and carry the HMRC logo, often they say that you’re due a tax refund.
Make sure you don’t click on a link in such an email or supply any personal information, it could be used in identity theft and card fraud.
HMRC has now introduced an extra layer of security, known as two-step verification.
If you use certain software programs such as Google Apps for Business, or carry out online banking, you may be familiar with this concept, also known as two-factor authentication.
HMRC introduced two-step verification in March for personal tax customers and business customers who are enrolled in online self assessment. The idea is that it will help combat fraud but it’s not as well known as it could be.
Over time the scheme will be rolled out to other areas such as VAT, Corporation Tax, employer PAYE and Agents (such as accountants).
The HMRC’s two-step scheme uses the PC or other smart device as the first step in the log in process. This triggers a code automatically sent to the user’s mobile or landline of choice.
The code will be different each time you log in and that code must be input into the computer device you’re using as the second step, only then can you fully access your information online.
Here’s a couple of examples of fraudulent emails – as you can see, they look very convincing.
- However, HMRC will never email you:
- To offer you a tax repayment
- To notify you of a tax rebate
- To ask for personal information such as full address, postcode, bank account details or unique taxpayer reference
- To ask you to go to a log-in page or form asking for information. The only site they would direct you to would be your HMRC online account.
HMRC also has some advice online about detecting such emails known as ‘phishing emails’ and there are some examples on the HMRC site too.
Continue Reading How can you tell whether a phone call from HMRC is genuine?
The phone calls currently are concentrating on:
- A recorded message saying that HMRC is launching a law suit against you and that you need to call a number to find out more (the number the fraudsters are currently using is 0161 850 8563).
Do not call the number, they will try to extract your bank details or other personal information from or even credit card details over the phone.
- HMRC needs your bank details (e.g. to give you a refund).
However, do not give out your bank details, a legitimate call from HMRC would not ask for these.
Dhanaula How can you help combat fraud?
You can report suspected fraudulent emails or calls to the police via the Action Fraud website or by calling: 0300 123 2040.
Do contact us if you have any queries. If you feel under pressure in a phone conversation, just say you need to check with your accountants before giving out any information. Call us on 01761 241 861 or email us today. We will be pleased to advise you.