Millions of taxpayers have been hit by a tax scam epidemic over the past three years and the number of attempts is still growing.
Responding to a Freedom of Information request, HM Revenue & Customs (HMRC) have revealed there have been more than 2.6 million attempted frauds over the last three years by conmen claiming to be tax officials.
‘Phishing’ emails based on tax rebates were the most popular with 1,957,000 reported attempts.
The huge number would have been even higher if it were not for a verification system called DMARC which was introduced by HMRC to ensure contact was being made from a genuine source.
Tax officials believe it prevented as many has half a billion emails reaching consumers.
Text messaging was the second most popular method of scamming with a total of just over 150,000 instances reported, though numbers have declined by about half as emails have become more popular.
Phone scams have also risen massively from just 407 reported in 2016-17 to 104,774 over the last year.
A total of 50,323 phishing websites have been reported with 20,750 taken down in 2017-18, a 29% increase on the previous year.
But it’s not just HMRC who are suffering. Cyber crime experts are reporting increases in all kinds of businesses.
On the rise
Tessian is a software company that prevents phishing and chief executive Tim Sadler said: “What we see happening here with HMRC is happening across the board.
Impersonation phishing attacks are on the rise as cybercriminals think up new ways to encourage people to share personal data or transfer money.
“And what better way to convince an individual to share information than to impersonate a position of trust and authority?
“The problem is that the digital world has altered the way trust develops online.
Without the typical behavioural cues we use when physically interacting with a person, it becomes easier for hackers to manipulate people’s trust and increase the believability of a message or online persona. Hackers are also making their messages more convincing.”
The latest action taken by HMRC has centred around preventing fraudsters copying their telephone number, forcing a 25% drop in overall reports and no new impersonations for several months.
A partnership with telecoms regulator Ofcom has prevented spoofing of the most recognisable of HMRC’s helpline numbers which often begin with 0300.
Pension scheme members have reported an increase in scam activity around transfers of more than £73 million in the last year.
XPS Pensions Group said their members ‘red-flagged’ a three-fold increase in suspicious activity in the last 12 months.
Some of the key issues identified included lack of awareness around fees, confusion regarding how independent financial advisors work and misunderstanding of the transfer process.
XPS principal Wayne Segars said: “Over the last year we have seen a big increase in the number of warning signs being identified for potential scam activity on pension transfers, from one-in-eight in June 2018 to one-in-three in June 2019.
“Fortunately, not all turn out to be scams, but it is good to see an increased understanding of the warning signs. Our scam identification team identified the red flag warnings by speaking directly to members, which is a key part of the data gathering process.”