Govt furlough scheme attacked by scammers as 140k sign up

twitter-iconfacebook-iconlinkedin-iconmail-iconprint-icon
Search supported by
Govt furlough scheme attacked by scammers as 140k sign up

The email, which uses official HMRC branding, purports to be from Jim Harra, first permanent secretary and chief executive of HMRC, in an attempt to get business owners to reveal their bank account information.

According to accountancy firm Lanop, almost 50 business owners have reported receiving the scam after noticing the email was sent via the address “no-reply@ncryptedprojects.com”, with its user title being ‘HM Revenue & Customs’.

The email, which includes several typos, asks for the bank account details of the recipient in order for them to make a claim via the CJRS.

The email states: “We wrote to you last week to help you prepare to make a claim through the Coronavirus Job Retention Scheme. We are now writing to tell you how to access the Covid-19 relief. 

“You will need to tell your us which UK bank account you want the grant to be paid into, in order to ensure funds are paid as quickly as possible to you.”

A spokesperson from HMRC told FTAdviser that the website associated with this scam was in the process of being taken down.

They said: “Fraudsters are taking advantage of the package of measures announced by the government to support people and businesses affected by coronavirus. 

“Scammers text, email or phone taxpayers offering spurious financial support or tax refunds, sometimes threatening them with arrest if they don’t immediately pay fictitious tax owed.”

The furlough scheme opened for registrations this week. On its first day the scheme received applications from more than 140,000 firms.

The tax authority said it has detected more than 54 Covid-related financial scams to date, of which most are by text message.

The spokesperson added: “We have asked internet service providers to take down more than 227 web addresses associated with these scam campaigns.

"Several of the scams mimic government messages such as ‘Stay at home’ and ‘Stay home, stay safe’, as a way of appearing authentic and unthreatening.

“If someone texts, emails or calls claiming to be from HMRC, saying that you can claim financial help or are owed a tax refund, and asks you to click on a link or to give information such as your name, credit card or bank details, it’s a scam.

“We have a dedicated customer protection team in our cyber security operations and work is always ongoing to identify and close down scams.”

Research from cyber security company Barracuda Networks has found that Coronavirus-related phishing emails have risen by 667 per cent since the start of March.

According to the company, 137 phishing emails were identified in January, 1,188 in February and over 9,000 in March.

The scams included fraudulent communication purporting to be from the World Health Organisation (WHO) and the NHS and private health suppliers selling facemasks and other personal protection equipment.

Chris Ross, senior vice president at Barracuda Networks, said: “We’re seeing a sharp rise in phishing emails relating to the Covid-19 outbreak and this example underlines how hackers will prey upon vulnerable business owners who are trying to protect jobs.

“As always with these scams, the victim is encouraged to disclose personal data and financial information under the false assumption that the email is legitimate. 

“It is absolutely vital that businesses have the cyber security systems in place to identify and quarantine phishing emails and ensure that every employee is properly trained to spot suspicious communication and think twice before giving out personal information.”

amy.austin@ft.com

What do you think about the issues raised by this story? Email us on fa.letters@ft.com to let us know.