A taxing issue

“In this world, nothing can be said to be certain, except death and taxes” was a famous quote from one of the Founding Fathers of the United States of America, Benjamin Franklin. And whilst none of us will ever be heard uttering the phrase “I don’t pay enough tax”, we often will say that we think we are paying too much tax.

The bad news is that fraudsters know that too and will target their nefarious campaigns on that matter, offering tax rebates to everyone who will read their email. This isn’t a new issue but the phishing attempts have become more sophisticated as the years have passed. We all want to believe that the Government is benevolent and that in such tough economic times they are looking out for us all. With Christmas just around the corner what better way to reward our hard work than telling us we have a tax refund due. Except we haven’t and especially one for such a large amount.

This is the latest attempt to hook me in. It looks relatively official and there isn’t much out of line from the authentic emails I receive from HMRC apart from a few tell-tale signs that this is an attempt to phish me or to inadvertently download malware onto my device. Here’s ten for starters (and there are more if you want to go into even more detail):

  1. HMRC will never state an amount of tax owed (by either party) in an email – they will let you know you have a message that that you need to log into your account to read it;
  2. HMRC will never ask you to click on a link in an email – they will have a message within the email body saying “For security reasons, we have not included a link with this email.” and in the footer of the email say “Do not reply to it or click on any links”;
  3. The footer is missing on the email as too is the crown icon in the header;
  4. There are at least 25 grammatical and spelling mistakes in the email – capitalisation of random words, use of (brackets) when they are not needed and no hyphen in self-assessment;
  5. The email is not personalised – all HMRC emails are sent address to a named person;
  6. Kind Regards? Really? I don’t think the Tax man has any regard for us and never signs off emails with that;
  7. HMRC emails come from a ‘tax.service.gov.uk’ subdomain;
  8. The email was sent using a Email Marketing Platform (details appear next to the sent from address). The platform in question ironically has a helpful FAQ section on their website on how to spot phishing emails;
  9. Why would HMRC need your passport details? Just because someone pays tax does not mean they have a valid passport or even one at all;
  10. And finally, the biggest give away for most of us is that WE DO NOT OWN A BUSINESS!

Remember, if it looks too good to be true, it probably is. If you receive an email from HMRC and you aren’t sure if it is genuine, you can report it to them here.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s