Security update – HMRC Scam

A new ‘HMRC’ scam has emerged which threatens customers with fines for late payments. 

The scam in question has recently affected one of our own customers, who was duped into making a false payment.

What is the scam?

Approximately a week after making a normal payment, the customer received a call from ‘HMRC’ informing them that their payment was late and that they would receive a fine as a result. When the customer checked and confirmed that the payment had been made, the ‘HMRC’ agent alleged that the payment had been made to the wrong account.

‘HMRC’ informed the customer that this would be refunded into their account but that, in the interim, the customer would need to make the payment again to the ‘correct’ account in order to avoid being fined. The ‘HMRC’ agent then proceeded to provide beneficiary information to the customer, including a new bank account number and sort code. The customer only became aware that the activity was fraudulent when their bank flagged the suspicious transaction to them shortly after the second payment was made.

In addition, there were over 20 login attempts made to the customer’s mailbox from IP addresses across the globe, all of which were unsuccessful.

This incident is a typical example of fraudulent activity that on the surface appears to be nothing more than a simple system error. On this occasion, the scammer was aware of the target dates that HMRC works to and used this knowledge to scam an unsuspecting customer.

How can I stop this from happening to me?

The security of our customers is our top priority and we will always do our utmost to ensure your systems are safeguarded. We would like to take this opportunity to remind our customers to be vigilant when dealing with any calls or emails that appear suspicious, and to ensure that the necessary security processes are in place, including multi-factor authentication (MFA) and Password RBL. While these may not stop scammers from making a phone call, they will certainly prevent hacking attempts on your mailbox.

If you encounter any suspicious activity, or if you have any other questions or concerns, please get in touch.
