Something phishy
There are crooks out there attempting to steal your valuable personal information. One way to con you into handing over your details is to send you an e-mail that contains a link to a website that appears to belong to an organisation you trust, such as a bank. This is known as ‘phishing’. Alternatively the e-mail may contain an attachment that will launch software to search your computer for passwords and report back to the criminals.
The latest phishing e-mails appear to come from the HMRC computer to acknowledge receipt of VAT returns and self-assessment tax returns. The e-mail even appears to be sent by ‘noreply@hmrc.gov.uk’, but it contains a zip file attachment (a condensed file containing a large volume of data).
HMRC would never send an attachment with a VAT or tax return acknowledgement. The tax return acknowledgements also contain fake UTR numbers.
You can protect yourself from phishing e-mails by taking the following common-sense steps:
- Check the context of the email – are you a customer of that bank, or are you expecting an acknowledgment of a tax return?
- Check the details in the email make sense – for instance, has the reference number got the right number of digits? Genuine unique tax reference numbers have 10 digits.
- Never open attachments sent by an unknown source.
- If in doubt about a tax-related e-mail, ask us first.