New HMRC SMS Phishing Scam Targets Self-Employed Workers.

Cyber-criminals have launched a new phishing scam designed to steal personal and financial details of self-employed workers using the Self-Employment Income Support Scheme (SEISS) during the COVID-19 outbreak.

HMRC phishing scam

The scam was uncovered by litigation company Griffin Law and begins with a text message sent to self-employed workers offering a tax rebate purporting to be from HMRC. This is in the wake of chancellor Rishi Sunak’s recent announcement of an extension to the SEISS.

According to Griffin Law, the text message informs victims that they are eligible for a tax refund and redirects them to a bogus website which leads to a realistic copy of the official HMRC site. Users are then met with a form which asks them to enter their email address, postcode and HMRC log-in details, before a fake refund amount is calculated.

From there, victims are taken to another page and asked to enter personal information including card number, name on card, account number, security code and expiry date.

Griffin Law estimates that around 100 self-employed workers have so far reported the scam to their accountants and business networks.

Commenting on the news, cyber-expert Chris Ross, SVP, Barracuda Networks, said: “This is the latest in a series of sophisticated HMRC-branded phishing scams designed to target vulnerable workers during the COVID-19 outbreak. We’ve seen a sharp rise in these kinds of schemes, often carefully crafted and timed alongside new government funding announcements to increase the likelihood of duping unsuspecting workers into handing over personal financial data.”

Andy Harcup, VP, Absolute Software, added: “The scam uses official government branding, logos and layouts, including a disclaimer about the site using cookies to fool users into thinking this is a legitimate way to reclaim money. It is vital that users remain vigilant to such attacks, checking the origin and legitimacy of sites before handing over confidential financial data. It’s also critical that companies ensure they have the necessary cybersecurity systems in place to protect against malicious communications across all workplace laptops and devices, to keep hackers at bay.”

We’re Team Metalogic

We’re Team Metalogic, a managed IT services provider offering outsourced IT solutions to SME’s across the UK. With a proven track record, with extensive experience and a full portfolio of industry accreditations & certifications.

Our stress-free solutions don’t complicate things, in fact, they improve efficiency and save money.

Share this page

  •  
  •  
  •  

Team Metalogic announced in Channel Futures’ 2020 MSP 501 list

Team Metalogic has achieved a place on Channel Futures’ 2020 MSP 501 list.

Find out more
Can the dark web be monitored?

Can the dark web be monitored?

You may be familiar with the term “the dark web” but its definition is sometimes unclear. The dark web is more often than not described as a dangerous aspect of the internet, causing the question ‘can the dark web be monitored’ to arise .

Find out more

Customer Satisfaction

Making sure we're hitting the mark when it comes to customer satisfaction is a top priority for us. That's why we publish real-time feedback information live on our web site.

Find out more

41% of UK Workers Without Cybersecurity Training

An average of 41% of UK employees across all sectors have not received adequate cybersecurity training, which is leaving businesses and individuals vulnerable to attacks, according to a new study by Specops Software.

Find out more

Wondering if we have the right solution for you?

We’d love to talk

Request a call back

About Cookies On This Site
We use cookies to personalize and enhance your experience on our site and improve the delivery of ads to you. Visit our Cookie Policy to learn more. By clicking accept", you agree to our use of cookies.