Worldwide increase in Phishing Attacks during Tax Season


When isn’t there a phishing attack going around? We always seem to find a dodgy looking email caught in our junk inboxes, and one which occasionally misses the filters and ends up in our inboxes. We’ve seen it all – from scammers pretending to be a phone company, to HMRC impersonators claiming that with a small fee they will release a large sum of money to us. But now, with tax season looming, it seems more scammers are finding ways to con good people out of money.

According to a recent report, the Internal Revenue Service in the USA has issued a new warning for consumers after seeing a 400% surge in phishing and malware incidents in the first few weeks of the 2016 tax season. Apparently, there were 1,026 incidents reported in January, up from 254 from a year earlier. The spokesperson for IRS said, “Be very careful who you trust for tax advice and who you trust with your personal information on the internet. Con artists shamelessly take advantage of people. People should be on-guard for these scams, and safeguard their social security numbers, finances and personal information. We urge people not to click on these emails.”

The trend in phishing attacks at this time of year is also true in the UK. It is important to be vigilant at this time, and ensure you do not fall for any common scams that are going around. Here are some common signs of a phishing email:

  1. It seems too good to be true. It will probably be telling you that you are due some tax, perhaps a really good chunk of money. It might include a link to the ‘website’ or it might ask for you to reply with a cheque to release the funds. Either way, if it’s too good to be true, it probably is. This is exactly the case of some clients of payday loan company Wonga SA, many of whom were sent and emails and text messages claiming that they could get a great deal on a personal loan, after they paid an ‘upfront fee.’ Wonga said they would never ask for an upfront fee like this, and reacted quickly by setting up a fraud hotline for their clients to call if they seemed concerned about a suspicious mail.
  1. The email contains a link which sends you off somewhere. As previously mentioned, a mismatched URL is common in a phishing email. It might ask you to click the link to take you through to the HMRC website, but if you do, you’ll notice the URL is a fake and copied version of the website.
  1. The message contains poor spelling in the topic/body of the email. Commonly you’ll see bad spelling and grammar. HMRC would usually check all correspondence before sending it out and you’d rarely see an error in authentic communications.

Comments are closed.