ScamsJun 10 2020

Self-employed targeted with new tax scam

twitter-iconfacebook-iconlinkedin-iconmail-iconprint-icon
Search supported by
Self-employed targeted with new tax scam

Fraudsters have come up with a new phishing scam designed to steal personal and financial details of millions of self-employed workers using the government’s coronavirus support scheme.

The scam, uncovered by Griffin Law, purports to be from HM Revenue and Customs and sends a text message to individuals using the government’s Self-Employment Income Support Scheme (Seiss) offering a tax rebate.

It comes after self-employed people were targeted by HMRC impersonators offering a lump sum payment under the support scheme in March.

The latest text message informs the victim they are eligible for a tax refund and directs them to a website named “https://hmrefund.com”, which then leads to an “incredibly realistic” copy of the HMRC government site., the firm said.

A form on the site then asks for the individual’s email address, postcode and HMRC log-in details. 

The form calculates a fake refund amount, which when tested by Griffin Law totalled £217.17.

However, the pound sign appears after, rather than before, the figure which made individuals who reported the scam wary.

The next page shows an online form asking key personal information from the victim, including their card number, name, account number, security code and expiry date.

Screenshots of the scam taken by Griffin Law:

Griffin Law said around 100 self-employed workers have so far reported the scam to its accountants and business networks.

The scam comes after chancellor Rishi Sunak announced an extension of the scheme, which has so far received 2.3m claims worth £6.8bn.

An HMRC spokesperson said the tax office has detected 98 Covid-related financial scams since March, most by text message and has asked internet service providers to take down more than 100 web pages associated with these scam campaigns. 

They said: “Criminals are taking advantage of the package of measures announced by the government to support people and businesses affected by coronavirus.

"Criminals text, email or phone taxpayers offering spurious financial support or tax refunds, sometimes threatening them with arrest if they don’t immediately pay fictitious tax owed.

“Several of the scams mimic government messages such as ‘Protect the NHS. Stay home. Save lives’, as a way of appearing authentic and unthreatening. 

“If someone emails, texts or calls claiming to be from HMRC, saying that you can claim financial help or are owed a tax refund, and asks for personal or bank details, it might be a scam."

Chris Ross, senior vice president at cyber security firm Barracuda Networks, said: “This is the latest in a series of sophisticated HMRC-branded phishing scams designed to target vulnerable workers during the Covid-19 outbreak. 

“We’ve seen a sharp rise in these kinds of schemes, often carefully crafted and timed alongside new government funding announcements to increase the likelihood of duping unsuspecting workers into handing over personal financial data.”

Andy Harcup, vice president of Absolute Software, said: “This particular scheme is designed to trick unsuspecting self-employed workers into claiming a tax refund, at a time when many people are struggling to make ends meet. 

“It is vital that users remain vigilant to such attacks, checking the origin and legitimacy of sites before handing over confidential financial data. 

“It’s also critical that companies ensure they have the necessary cyber security systems in place to protect against malicious communications across all workplace laptops and devices, to keep hackers at bay.”

Figures from Canada Life last month (May 26) showed 5.2m people in the UK had fallen victim to, or knew someone who had been duped by, a financial scam since the beginning of the virus outbreak. 

The research found the most common financial scams were related to banking, accounting for 60 per cent of victims, followed by 35 per cent of victims reporting being targeted by an insurance scam. 

One in five of these victims had been targeted by a pension scammer amid an increase in fraudsters purporting to offer free pension reviews. 

Research from the All-Party Parliamentary Group on pension scams found with more people staying at home, in line with social distancing and lockdown restrictions, it was increasingly likely pension savers would be contacted by scammers via phone or online.

amy.austin@ft.com

What do you think about the issues raised by this story? Email us on fa.letters@ft.com to let us know