Tax authorities in the UK are contacting millions of people, telling them that they have paid the wrong amount of tax.
As the BBC reports, the mistakes in tax payment calculations have been uncovered following the introduction of a new computer system.
So, it’s good news for some (who will be receiving an unexpected windfall in the form of a tax rebate) and bad news for others, who will find that they are being asked to make uncomfortable additional payments to the HMRC.
But if you think you had enough to worry about with the possibility of an unexpected extra tax demand, UK internet users are also at risk as scammers exploit the confusion.
For instance, here’s a message we caught in our spam traps this morning which claimed to come from HMRC with the subject line “You Have An HMRC Refund”:
Part of the email reads:
Following an upgrade of our computer systems and review of our records we have investigated your payments and latest tax returns over the past years, our calculations show you have made over payments of 317.66GBP
Due to the high volume of refunds you must complete the online application.
Your refund may take up to 6 weeks to process please make sure you complete the form correctly.
In order to process your refund you will need to complete the attached application form.
Attached to the email is a file called Refund-Form.zip, which contains an HTML file called Refund-Form.htm which asks for information including your credit card details, full date of birth, and mother’s maiden name.
If you do make the mistake of filling in the form, your confidential data is uploaded to a Chinese server. You’re not going to receive a windfall because of this form – you’ve just been phished.
The real HMRC website contains advice about scams like this, and clearly states that they would never customers of a tax rebate via email, or invite them to complete an online form to receive a rebate of tax.
You have been warned – don’t let your eagerness for a tax refund lead to you throwing caution to the wind.