Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Phishing E-mails Impersonating HMRC Target UK Taxpayers

UK residents surfing on the Web are advised to watch out for fraudulent e-mails that relate to Value Added Tax, in short VAT, returns while posing as arriving from Her Majesty's Revenue & Customs (HMRC), published softpedia.com dated February 6, 2014.

It maybe noted that HMRC is a UK body for tax-collection.

Bearing the caption "Successful Receipt of Online Submission for Reference 3608005," the fake e-mails are made to disseminate malicious software.

These, by expressing gratitude to the recipient because he sent his VAT Return over the Net, inform that successful receipt of the reference 3608005 happened on 6th February 2014 a Thursday at time 20:32:34 +0100, and that the return is getting treated. HMRC offers its 'Make VAT Returns' as among its several Internet-services which help in saving one's paperwork and time. To get updated details about the user's VAT Return he's requested to view the attached report, the e-mails ends.

Unfortunately, the attachment named Reference.zip carries one malevolent file, which apparently is a screensaver, as reported in Dynamoo's Blog. Presently, just seven anti-virus solutions of all VirusTotal's engines have been able to detect the threat.

Meanwhile, stating about being wary of the above electronic mails, HMRC tells that it won't ever dispatch tax refund alerts over e-mail. It'll as well not request taxpayers to provide their financial alternatively other personal information via clicking any web-link else viewing any attachment sent through unsolicited e-mails. In fact, in all other countries too, tax agencies follow the same policy. Therefore, all users must be extremely careful with text messages/e-mails, which assert of say recipients' eligibility of a tax reimbursement. Indeed, no web-link or attachment arriving in such an e-mail must be clicked. Fake tax refund e-mails frequently and again-and-again get distributed as a tactic by online fraudsters observed since many years.

Now, phishing e-mails supposedly by HMRC have struck Internet-users previously too within UK. For instance, during December 2013, researchers from MX Lab the security company spotted one dangerous spam mail run which exploited HMRC's name during a bid to disseminate one fresh variant of ZeuS, a Trojan infamous for stealing banking data.

ยป SPAMfighter News - 2/12/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page