New HMRC SMS Phishing Scam Targets Self-Employed Workers.

Cyber-criminals have launched a new phishing scam designed to steal personal and financial details of self-employed workers using the Self-Employment Income Support Scheme (SEISS) during the COVID-19 outbreak.

HMRC phishing scam

The scam was uncovered by litigation company Griffin Law and begins with a text message sent to self-employed workers offering a tax rebate purporting to be from HMRC. This is in the wake of chancellor Rishi Sunak’s recent announcement of an extension to the SEISS.

According to Griffin Law, the text message informs victims that they are eligible for a tax refund and redirects them to a bogus website which leads to a realistic copy of the official HMRC site. Users are then met with a form which asks them to enter their email address, postcode and HMRC log-in details, before a fake refund amount is calculated.

From there, victims are taken to another page and asked to enter personal information including card number, name on card, account number, security code and expiry date.

Griffin Law estimates that around 100 self-employed workers have so far reported the scam to their accountants and business networks.

Commenting on the news, cyber-expert Chris Ross, SVP, Barracuda Networks, said: “This is the latest in a series of sophisticated HMRC-branded phishing scams designed to target vulnerable workers during the COVID-19 outbreak. We’ve seen a sharp rise in these kinds of schemes, often carefully crafted and timed alongside new government funding announcements to increase the likelihood of duping unsuspecting workers into handing over personal financial data.”

Andy Harcup, VP, Absolute Software, added: “The scam uses official government branding, logos and layouts, including a disclaimer about the site using cookies to fool users into thinking this is a legitimate way to reclaim money. It is vital that users remain vigilant to such attacks, checking the origin and legitimacy of sites before handing over confidential financial data. It’s also critical that companies ensure they have the necessary cybersecurity systems in place to protect against malicious communications across all workplace laptops and devices, to keep hackers at bay.”

We’re Team Metalogic

We’re Team Metalogic, an IT support provider offering outsourced managed services to SME’s across the UK. With a proven track record, with extensive experience and a full portfolio of industry accreditations & certifications.

Our stress-free solutions don’t complicate things, in fact, they improve efficiency and save money.

Share this page

  •  
  •  
  •  

10 steps to cyber security

Protecting your data is crucial: any data lost or attacked compromises you and your organisation.

Find out more

What is passwordless authentication and is it right for your organisation?

Passwordless authentication is any way in which a user’s identity can be verified without the need for a password.

Find out more

New team member, Calum Challenger, excels in first few months with Team Metalogic

Calum Challenger joined Team Metalogic at the beginning of 2021 in the role of Junior Service Desk Engineer. Since then, he’s excelled in his first few months with the company.

Find out more

Microsoft for the Modern Workplace

Would you describe your workplace as modern?

Find out more

Wondering if we have the right solution for you?

We’d love to talk

Request a call back

About Cookies On This Site
We use cookies to personalize and enhance your experience on our site and improve the delivery of ads to you. Visit our Cookie Policy to learn more. By clicking accept", you agree to our use of cookies.