Our Crime Reduction team is advising people to be alert to bogus telephone calls, supposedly from HM Revenue and Customs (HMRC), following some reports from the county’s residents. 

An HMRC spokesperson said: “HMRC takes security extremely seriously. We are aware that some people have received telephone calls from individuals claiming to be from HMRC. We have a well-known brand, which criminals abuse to add credibility to their scams.

 

“These scams often involve people receiving a call out of the blue and being told that HMRC is investigating them. If you can’t verify the identity of the caller, we recommend that you do not speak to them.”

 

Please be alert to this sort of activity by scammers, which is known as “phishing”, and do share this advice with your friends and relatives. Especially those who may not be inclined to check the validity of the calls, or who may be vulnerable.


What is Phishing?

Phishing is a method used by fraudsters to access valuable personal details, such as usernamespasswordsand banking details. This information has a monetary value for criminals.


Phishing activity is not confined to telephone calls. It may also take the form of letters or online via emails, instant messages or text messages, with malicious attachments, or website links to infect computers or mobile devices. Very often these will appear to be authentic communications from legitimate organisations, and may be quite sophisticated in their execution.


Phishing messages try to convince the recipient that they are from a trusted source. “Spear-phishing” is a technique whereby criminals target an individual using personal information to earn trust and lower the intended victim’s defences, increasing the chances they may open attachments or embedded links.


Embedded links within a message can direct you to a hoax website, where your login or personal details may be requested. You may also run the risk of your computer or smartphone being infected by viruses.


Once your personal details have been accessed, criminals will then record this information and use it to commit crimes such as identity theft and bank fraud.  Your details may also be sold onto other criminals.

What to look out for and what you should do if you receive a phishing message:

·       Be aware and proactive

o   When responding to emails or phone calls, never give your login or any personal details.

o   If you receive an email from a company that claims to be, or appears to be, legitimate, but is requesting these details, use a telephone number for the organisation that you have sourced reputably. Speak to them directly to confirm that the message is genuine before responding.

·       Use your spam filter

o   If you detect a phishing email, mark the message as spam and delete it. This ensures that further messages cannot reach your inbox in future.

·       Know your source

o   Never respond to a message from an unknown source.

o   Take care not to click any embedded links. Phishing emails are usually sent to a vast number of randomly generated addresses. However, clicking embedded links will provide verification of your active e-mail address. Once this occurs it may prompt further malicious emails.

o   Even “unsubscribe” links can be malicious.

o   Ensure that the email is from a trusted source and you are, in fact, subscribed to the service.


Safety tips from Bank Safe Online about phishing emails:

·       Genuine organisations like banks or HMRC will never contact you out of the blue to ask for your PIN, password or bank details.

·       The email address that appears in the ‘from’ field of an email is not a guarantee that the email came from the person or organisation that it claims to have originated from.

·       Fraudsters are unlikely to know your real name, so the email may address you in vague terms, for example ‘Dear Valued Customer'.

·       Phishing emails will probably contain odd ‘spe11ings’ or ‘cApitALs in the ‘subject’ box and contain spelling or grammatical errors in the email – this is an attempt to get around spam filters and into your inbox.


If you’ve lost money, or information, or your computer has been taken over by a phishing or malware attack, report it to Action Fraud.


Take action - forward suspicious emails claiming to be from HMRC to phishing@hmrc.gsi.gov.uk and texts to 60599, or contact Action Fraud on 0300 123 2040 to report any suspicious calls or use their online fraud reporting tool.


Check GOV.UK for information on how to avoid and report scams, and recognise genuine HMRC contact.


If you think you have received an HMRC related phishing/bogus email or text message, you can check it against the examples shown in this guide.

Message sent by
Louise Ross (Police, Communications Officer, Be)