Phishers exploit HMRC tax error refund in UK

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Tax authorities in the UK are contacting millions of people, telling them that they have paid the wrong amount of tax.

As the BBC reports, the mistakes in tax payment calculations have been uncovered following the introduction of a new computer system.

So, it’s good news for some (who will be receiving an unexpected windfall in the form of a tax rebate) and bad news for others, who will find that they are being asked to make uncomfortable additional payments to the HMRC.

But if you think you had enough to worry about with the possibility of an unexpected extra tax demand, UK internet users are also at risk as scammers exploit the confusion.

For instance, here’s a message we caught in our spam traps this morning which claimed to come from HMRC with the subject line “You Have An HMRC Refund”:

Part of the email reads:

Following an upgrade of our computer…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.


Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.