Save, make, understand money

Household Bills

HMRC-branded phishing scams up 87% in a year

Joanna Faith
Written By:
Joanna Faith

Reports of HMRC-branded phishing scams have jumped by 87 per cent in the last year.

There were 1.07m scam reports in 2020-21, up from 570,000 the previous year, according to data obtained by accountancy group Lanop Outsourcing under the Freedom of Information (FOI) Act.

Reports of suspected SMS scams shot up 52 per cent, rising from 67,497 to 102,562 attacks. Email scams jumped by 109 per cent, rising from 301,170 to 630,193, and reports of phone call scams increased 66 per cent, from 203,362 to 336,767.

Of the scams listed, the majority were tax rebate or refund scams which rose by 90 per cent from 363,118 and 690,522. In addition, voice scam attacks rose by 66 per cent, jumping from 203,362 to 336,767.

HMRC also receives reports for the Driver and Vehicle Licensing Agency (DVLA) and acts on its behalf to initiate website takedowns. In 2019-20 there were 5,549 reports and a whopping 42,233 reports in 2020-21 – an increase of 661 per cent.

Cyber expert Andy Harcup, senior director, at Gigamon, said: “The sharp rise in HMRC-branded phishing attacks poses huge risks to businesses and individuals, with many organisations lacking the resources to identify and protect against malicious hackers. All it takes is a single employee to unwittingly handover confidential passwords and user details and cyber criminals are free to enter and wreak havoc across the network.

“The fact is that companies cannot neutralise these attacks without full visibility into network traffic and getting complete visibility into potential hostile threats. The days of allowing security blind spots to remain unchecked are over and a getting a complete view of what’s happening and when should now be the new normal in terms of security protocol.”

Research last week from Citizens Advice revealed two thirds of UK adults – equivalent to 36 million people – have been targeted by scammers since January.