This is a significant decrease in the half a billion phishing emails sent to customers alleging to be from an ‘@HMRC.gov.uk’ email address in both 2014 and 2015, the tax authority said.

HMRC’s head of cyber security, Ed Tucker, said: “Phishing emails are a major focus for our cyber security team. They’re more than just unwanted messages; they are a means by which criminals look to exploit members of the public and gain access to their personal and financial data. This in turn can lead to fraud and identity theft.

“By introducing a new level of security, we’ve been able to tackle these threats head-on and almost all attempts to scam taxpayers by pretending to be from an HMRC email address will now fall flat. The added security this brings will be invaluable, especially at this time of year when many customers are busy using their online Personal Tax Account to submit their Self-Assessment returns.”

HMRC has implemented a new email authentication protocol. The security process works by determining which email servers are allowed to send emails on behalf of the organisation. If an email passes the checks it is deemed legitimate and delivered. If it fails then it is deemed fraudulent and is not delivered.