Tax Refund Email Scam Uncovered in the UK
We talked about the spike in phishing attacks amid the coronavirus in our recent Cybersecurity & Data Privacy webinar with our partners Rize ETF to explain the opportunity of their CYBR ETF that is built on the Cybersecurity & Data Privacy Index that we developed with Foxberry. Below is yet another great example of “the why” behind that product.
A newly discovered phishing scam attempts to hook Brits with the promise of a tax refund from Her Majesty’s Revenue and Customs.
Research published today by Abnormal Security details a sophisticated fraud fest in which scammers impersonating the UK government target taxpayers via email.
Victims receive an extremely convincing message in their inbox informing them that they are to receive an outstanding tax refund from the 2018 tax year. Included in the email is a link to a fake website set up specially by the scammers to steal personal information from the victim.
The page has been designed to very closely resemble the official HMRC website, sporting the same logo, color scheme, graphic style, and font.
The criminals behind the fraudulent scam set a deadline on claiming the fake tax refund to increase pressure on victims to click on the malicious link.
“The attacker claims that the refund is time sensitive—the email was sent on April 16 and the attacker claims that the last day to claim is April 17. If the user does not immediately follow the link, they will lose access to their refund,” wrote a spokesperson for Abnormal.
Researchers noted a high level of detail was included in both the email and the fake landing page to produce an air of authenticity.
Source: UK Tax Refund Email Scam Uncovered – Infosecurity Magazine
