Phishing is the fraudulent act of emailing a person in order to obtain their personal/financial information such as passwords, credit card or bank account details. These emails often include a link to a bogus website encouraging you to enter your personal details.
The guidance below may help you to recognise a phishing email.
If you have received a HMRC related phishing/bogus email, please forward it to firstname.lastname@example.org and then delete it.
Look out for a sender's email address that is similar to, but not the same as, HMRC's email addresses. Fraudsters often have email accounts with HMRC or revenue names in them (such as 'email@example.com'). These email addresses are used to mislead you.
However be aware, fraudsters can falsify (spoof) the 'from' address to look like a legitimate HMRC address (for example '@hmrc.gov.uk').
HMRC will never ask you to provide confidential or personal information such as passwords, credit card or bank account details by email.
Fraudsters want you to act immediately. Be wary of emails containing phrases like 'you only have three days to reply' or 'urgent action required'.
Fraudsters often include links to webpages that look like the homepage of the HMRC website. This is to trick you into disclosing personal/confidential information. Just because the page may look genuine, does not mean it is. Bogus webpages often contain links to banks/building societies, or display fields and boxes requesting your personal information such as passwords, credit card or bank account details.
You should be aware that fraudsters sometimes include genuine links to HMRC web pages in their emails, this is to try and make their emails appear genuine.
Fraudsters often send high volumes of phishing emails in one go so even though they may have your email address, they seldom have your name. Be cautious of emails sent with a generic greeting such as 'Dear Customer'.
Spelling mistakes and poor grammar.
Be cautious of attachments as these could contain viruses designed to steal your personal information.
If you are suspicious of the email you have received, please forward it to the following email address and then delete it.
You should never disclose your personal and/or payment information in reply to an email that may look like it's from HMRC, you may well be revealing your details to a fraudulent website.
However, if you have already given any of your personal information, for example your HMRC User ID, password or National Insurance number, in reply to a suspect email please forward brief details to the email address below.
Please do not disclose any of your personal details or information in the email report to HMRC. However it would help us to investigate if you would tell us the type(s) of information that you disclosed to the suspect website. For example - I gave my name, address, date of birth, bank card details, HMRC User ID etc.
We will act upon all HMRC related phishing emails, removing reported fraudulent websites.