Moore Thompson are urging their clients to be on the lookout for bogus emails featuring fraudulent HMRC and PayPal branding.
Action Fraud, the UK’s leading cybercrime agency, issued a public warning earlier this month after receiving hundreds of reports from Britons targeted by ‘fake’ emails which appeared to have been sent by HMRC and online payment service PayPal.
The bogus messages were branded and addressed from the two organisations, but were really designed to direct unsuspecting email users to replica websites requesting bank details and personal information – a cybercrime commonly known as a ‘phishing scam’.
The PayPal emails prompted readers to ‘update their accounts’, before directing them to a bogus phishing website.
The HMRC hoax took a different route – promising people ‘money back’ on recent tax returns if they visited the provided link.
More than 150 Britons contacted Action Fraud to raise awareness of the scams.
An Action Fraud statement issued earlier this month read: “We receive reports of PayPal scams all the time but this version is interesting because it lists activities which the account holder can and cannot do until they update their account.
“If you click on the ‘update my account’ link you will be directed to a page designed to steal your personal information.”
PayPal terms and conditions advise consumers that PayPal will only ever ask for personal details on the secure PayPal website, after users have safely logged in to their accounts.
HMRC claims on its website that it ‘will never use emails to tell you about a tax rebate or penalty’.