Phishing emails and bogus contacts
If you think you may have received a HM Revenue and Customs (HMRC) related phishing/bogus email, you can check it against the examples shown in this guide.
It will assist our investigations if you report all 'HMRC related' phishing emails to HMRC. Even if you receive the same/similar phishing email on multiple occasions, please forward it to firstname.lastname@example.org and then delete it. Do not open any attachments or click on any links within the email, as they may contain malicious software.
Email scam addresses
Tax rebate / tax refund
HMRC will never send notifications of a tax rebate/refund by email, or ask you to disclose personal or payment information by email.
Do not visit the website contained within the email or disclose any personal or payment information. A selection of scam email addresses used to distribute the tax rebate emails can be seen below:
HMRC does not use any of the above email addresses.
An example of a HMRC related phishing email / phishing website designed to trick people into disclosing personal information can be seen below:-
Recent Phishing email Scams
‘Your tax return was incorrectly filled out’ – email scam
HMRC is aware of a bogus email being circulated advising customers they have made mistakes while completing the last tax form
application (ID: XXXXXXXXXXX.)’ The email contains a link which should not be clicked as it may direct you to a phishing site or contain malware. Do not respond to this email. Forward it to email@example.com then delete it.
Individuals - Tax information newsletter, Issue: 2014/September
HMRC is aware of a bogus email being circulated requesting customers to verify their identity. It asks customers to provide photographic copies of their passport, NI card, utility bill and bank statement. Do not respond to this email. Forward it to firstname.lastname@example.org then delete it.
HMRC is aware of a bogus email being circulated advising customers their tax notices have been issued. The email includes an attachment which should not be opened as it contains a virus.
Do not respond to the email and delete it immediately.
HMRC Employer Alerts and Registrations
HMRC is aware that a bogus version of the 'Employer Alerts & Registrations' email is currently being circulated. The email advises customers that their registration details have been recorded for email alert purposes only. The fraudulent version of the email encourages customers to open an attached zip file and to complete all the relevant sections.
The attached zip file contains a virus and should not be opened. The genuine version does not contain a zip file.
Important information for employers - Employer Bulletin Issue 46
HMRC is aware of a bogus email being circulated advising customers that the latest version of the Employer Bulletin (Issue 46 ) has just been published. The email contains a separate zip file attachment which should not be opened as this contains a virus.
The genuine Employer Bulletin 46 was issued from 17 February and does not contain a zip file attachment.
Could not process Online Submission for Reference ***/EG123456
HMRC is aware of a bogus email being circulated advising customers that HMRC has not been able to process their Full Payment Submission. The email includes an attachment which should not be opened as it contains a virus. Do not respond to the email and delete it immediately.
VAT - successful receipt of online submission
HMRC is aware of a bogus email being circulated thanking customers for sending a VAT Return online. The email includes an attachment which should not be opened as it contains a virus.
Do not respond to the email and delete it immediately
HMRC is aware of companies who issue emails advertising their services. They offer to apply to HMRC for a rebate of National Insurance/tax on the customer's behalf, usually for a fee. These companies are not connected with HMRC in any way.
Historical phishing emails
The following are descriptions of phishing emails already reported by customers to HMRC: PayPal
Emails advising customers to download an attachment to request a tax refund via PayPal. Do not download the attachment.
Emails sent to customers from email@example.com that HMRC is carrying out additional security checks and requesting confirmation of bank details. Do not click on any of the links contained in the email.
Export Clearance Process (Delivery Stop Order)
Emails claim that goods have been withheld by customs and require a payment before release.
Requests made to customers for payment or personal information
HMRC is aware that customers have received emails requesting personal details or payment in exchange for:
- lottery winnings
- seized goods/packages (held by Customs and Excise)
- inheritance payments
HMRC will never request payment or personal details by email.
If you receive any of these mails please forward them to firstname.lastname@example.org and then delete them.
Note: fraudsters sometimes sign off such scams using the name of a genuine member of HMRC to try and make the scam appear more genuine. If you're in any doubt, please forward the email to HMRC for verification.
The scam leads customers to believe that they may have been the victim of fraud and requests personal details on the pretext that compensation will be paid.
Publication of companies and VAT registration numbers in the UKWhilst this is not a phishing scam HMRC is aware of a letter which is being issued to customers which leads them to believe that they are required to provide details of their VAT registration number.This company is not connected to HMRC and you are under no obligation to reply to the letter.
HMRC is aware that some customers have received telephone calls or home visits from people claiming to be from HMRC. They are encouraged to provide their bank account details in exchange for tax advice enabling them to make a payment or obtain a refund of tax. A fee is charged for this service.
If you cannot verify the identity of the caller we recommend that you report it to the police immediately.
SMS text messages
HMRC may occasionally issue SMS messages, however these messages will never request personal or banking information. If you receive an SMS message claiming to be from HMRC and offering a tax refund in exchange for personal/banking details you should not respond. It would assist our investigations if you could forward the SMS via email to email@example.com before deleting it.
Do not open any links contained within the SMS. An example of a phishing SMS message can be seen below.
Request to complete NRL1 forms and return by Fax
Lettings agents and landlords living abroad are being targeted by a series of scams. These request completion of a form NRL1 (by email, letter or fax) and ask for a considerable amount of personal information.
These forms (which may be headed 'Application for Withholding Certificate for Dispositions by Foreign Persons of UK Real Property Interests' or 'Application for a tax-free account and to receive rental income without deduction of tax for Non- UK Residents') are not issued by HMRC and should not be completed.
HMRC will never ask you to disclose personal information by email or fax.
Published June 2015