HMRC shuts down 180 phishing sites

Taxpayers are seen as easy marks by cyber criminals

HM Revenue and Customs (HMRC) has warned taxpayers to remain cautious after revealing that it has shut down over 180 web sites following a surge in phishing emails over the past three months.

The department urged people receiving a suspicious looking email to visit the HMRC web site to check whether it is a scam, and said that people should not "click on web sites or links contained in suspicious emails, or open attachments".

The scale and sophistication of the scams means that even savvy internet users could be fooled, and highlights once again the lengths hackers will go to obtain information, according to Alan Bentley, senior vice president of international sales at security firm Lumension.

"By playing on an emotive topic like child benefit or personal finance, and offering people the opportunity to reclaim some cash, coupled with the disguise of a trusted name, scammers are tapping in to an instant source of information which they can then harvest and use for malicious purposes," he said.

"With the financial risk of people losing money from these scams, banks and organisations have a responsibility to enhance their security measures to mitigate against unauthorised access to funds."

HMRC also noted that fraudsters are increasingly telephoning taxpayers with the aim of soliciting valuable information.

The fraudsters inform victims that they are due a tax rebate, and ask for bank card details over the phone. They then attempt to take money from the account using the details provided, said HMRC.

"We only ever contact customers who are due a tax refund in writing by post. We never use telephone calls, emails or external companies in these circumstances," said Chris Hopson, director of customer contact at HMRC.

"We strongly urge anyone receiving such a phone call not to give any information to the caller, but to report it to the police straight away."