Fraud and scams
If you have received an email that you consider to be fraudulent, please
forward it to HMRC at phishing@hmrc.gsi.gov.uk.
HMRC cannot reply to every email, but it does investigate and take Online
Security very seriously.
To help you spot a scam email HMRC has compiled a list of key points
to look out for:
- Disclosing personal information - HMRC will never ask you to disclose
personal information such as your PIN or your passwords, or your bank
details. Never disclose this information to anyone.
- The padlock - when you log in to HMRC Online Services you are always
in a 'secure session' - which is shown by the padlock or an unbroken
key in the bottom right hand corner of your web browser. The beginning
of HMRC's address will change from 'http' to 'https' when a secure connection
is made.
- Your name - fraudulent emails are not normally addressed to you personally;
they can have missing addressee details or contain something vague such
as 'Dear valued customer'.
- The sender - HM Revenue & Customs (HMRC) was formed on the 18
April 2005 following the merger of Inland Revenue and HM Customs and
Excise departments. Those former departmental names no longer exist.
Recent fraud attempts have used fake
departmental names, and purporting to be sent from HMRC
Board Members.
- Links within the email - the email may include a link that you are
asked to follow to take you to a website. Following the link takes you
to a site that may look genuine, but it is most probably a fake. Always
access the HMRC website by typing HMRC's address in the address bar
of your web browser.
What to do if you receive a scam email
HMRC would never contact you asking you to disclose personal information.
If you have received an email requesting personal information, payment
of tax or suggests you are due a tax rebate, please take the following
action:
