Only 30% of small businesses surveyed would think twice about clicking on a link directing them to HMRC
You should think twice.
Scammers regularly send fake emails that look like they are from HMRC, banks and other organisations like eBay, PayPal, Royal Mail or couriers like DPD. They aim to trick you into revealing personal information which they’ll use for fraud and identity theft. It’s known as phishing.
Tax rebate
The Self-Assessment deadline is looming so this particular dodgy email is common around this time of year. It says you’ve got a refund of £x due to you, and offers a link to “get your rebate now”.
The link takes you to a site that looks convincing to a casual observer – but it’s not the real deal.
Often these messages end up in your Spam folder and you never see them. If they do get to your Inbox, remember HMRC’s golden rule:
How to spot a phishing email
A 2013 poll found that 60% of UK workers will fall for a phishing scam unless they’ve been trained to spot one.
- are you expecting the message?
- is it from an expected source? E.g. if you don’t bank with Barclays, why would they email you about your account?
- does it ask for passwords or other complete information?
- hover your mouse pointer over the links – don’t click them! – to check the website that pops up
- how good is the spelling and grammar? Bad English is a dead giveaway!
Engage your brain!
Imagine the email is someone standing at your front door asking the same questions.
Would you give them this information?
If the answer is ‘no’ then it’s probably a scam.
If you wouldn’t do it on the street, don’t do it online!
Beyond email
It’s not just email – scammers are also using fake text (SMS) messages to reel in unsuspecting victims. This is known as smishing.
Learn more
- Get Safe Online: phishing video
- Gov.uk: recognising and reporting phishing emails
- Action Fraud: invoice fraud
- You might be streetwise, but are you cyber-streetwise?