Newsletter Summer 2013

Something phishy

There are crooks out there attempting to steal your valuable personal information. One way to con you into handing over your details is to send you an e-mail that contains a link to a website that appears to belong to an organisation you trust, such as a bank. This is known as ‘phishing’. Alternatively the e-mail may contain an attachment that will launch software to search your computer for passwords and report back to the criminals.

The latest phishing e-mails appear to come from the HMRC computer to acknowledge receipt of VAT returns and self-assessment tax returns. The e-mail even appears to be sent by ‘noreply@hmrc.gov.uk’, but it contains a zip file attachment (a condensed file containing a large volume of data).

HMRC would never send an attachment with a VAT or tax return acknowledgement. The tax return acknowledgements also contain fake UTR numbers.

You can protect yourself from phishing e-mails by taking the following common-sense steps:

  1. Check the context of the email – are you a customer of that bank, or are you expecting an acknowledgment of a tax return?
  2. Check the details in the email make sense – for instance, has the reference number got the right number of digits? Genuine unique tax reference numbers have 10 digits.
  3. Never open attachments sent by an unknown source.
  4. If in doubt about a tax-related e-mail, ask us first.