momius - stock.adobe.com

HMRC tackles almost 300 coronavirus phishing websites

Of 292 websites removed since lockdown began on 23 March, 237 were proactively identified by HMRC and 55 were flagged by the public

HM Revenue & Customs (HMRC) has asked the UK’s internet service providers (ISPs) to remove almost 300 Covid-19 coronavirus-related scam or phishing web addresses from the internet since the national lockdown began on 23 March, according to statistics gathered by legal firm Griffin Law under the Freedom of Information (FoI) Act.

Of the 292 websites removed, 237 were proactively identified by HMRC itself as part of its well-established work to tackle cyber crime, and 55 more were flagged by members of the public via its reporting inbox, which can be contacted at [email protected].

It also revealed that, to date, it has identified a total of 62 active phishing scams related to the coronavirus, most of them taking the form of fraudulent SMS messages.

HMRC, which was the first UK government body to implement the domain-based message authentication, reporting and conformance (Dmarc) protocol, takes scams exploiting its branding very seriously. It is particularly vulnerable to cyber criminals purporting to represent it – at least in part because of how the tax authorities are perceived by the general public.

Although HMRC does not contact random people by email to warn them they are being investigated for tax evasion, or that they have received a refund, it is not hard to understand how less cyber-savvy members of the public can fall for such scams.

For example, last month, many small business owners were targeted by a scam email purporting to be from HMRC advising them how to access funding through the government’s Coronavirus Job Retention Scheme.

Commenting on the new statistics, Andy Harcup, vice-president at endpoint security platform Absolute Software, said: “With millions of people working remotely during the lockdown, hackers are creating increasingly sophisticated email and text message scams designed to trick individuals into handing over confidential data.

“We have already seen a huge rise in phishing attacks purporting to be from key government initiatives such as the Coronavirus Job Retention Scheme, asking for bank account details and other personal information.

“It is vital that, during this difficult time, companies and workers remain vigilant, checking the legitimacy of all emails and ensuring they have the necessary security systems in place to identify these threats and prevent cyber criminals from exploiting vulnerable people during the Covid-19 outbreak.”

Read more about coronavirus phishing scams

  • Overall cyber crime activity isn’t necessarily going up amid Covid-19, experts say. However, coronavirus-themed emails are becoming the dominant form of phishing attacks.
  • The UK government’s scheme to pay furloughed employees 80% of their wages is being targeted by cyber criminals.
  • The National Cyber Security Centre has launched a reporting service for scam emails as part of a campaign to help people protect themselves from cyber criminals exploiting the pandemic.

Tim Sadler, CEO of email security services supplier Tessian, added: “All too often, these email scams are incredibly realistic, purporting to be from trusted organisations or authorities like HMRC, to convince people into complying with requests – whether handing over personal bank account details, phone numbers and passwords. 

“It is vital that companies and employees are made fully aware of these threats, particularly at a time with high levels of remote working, with many people in isolation and at a much greater risk of being defrauded. Key tips to stop scammers include being careful about sharing any personal information online, as well as being wary of unsolicited emails asking for urgent information. 

“It is also critical to avoid sharing financial details or personal information with unfamiliar websites. And if you’re still not sure, call HMRC directly to verify the legitimacy of their message.”

Computer Weekly contacted HMRC for comment on its work, but had not received a reply at the time of going to press.

Read more on Hackers and cybercrime prevention