shaw gibbs - accountants and business advisers
accountants & business advisers

Have a question? Like to know more? - Contact us or Call +44-1865 292200 or +44-20 7436 4773, Mon-Fri 8:15am - 5:15pm

*Initial meeting is free of charge

To latest news
news article default image

HMRC phishing scams and how to avoid them

1 Mar 2016

2 minute read

As HMRC moves more of its services online, fraudsters are exploiting this transition by targeting taxpayers with bogus or fake emails. Known as ‘phishing’, these communications are designed to encourage people to impart sensitive personal or financial information which can then be used for fraudulent purposes. With an increasing number of people falling victim to such scams, HMRC has released updated guidance on how to recognise genuine contact from its agents.

Genuine contact from HMRC

Firstly, remember that HMRC will never send notifications of a tax rebate by email, nor will it ask you to disclose personal or payment information via email. There are, however, some occasions when the Revenue will make digital contact. Some examples include:

  • Trade statistics import/export data emails
  • Employer Bulletin emails
  • Tax credits letters from Concentrix
  • Tax credits – SMS text or voice prompts
  • VAT Mini One Stop Shop (MOSS) emails
  • Agents online self-serve email invitations
  • PAYE notices and reminders
  • Educational emails
  • Debt management and banking text messages
  • Inheritance tax online registration and application emails
  • VAT emails including VAT returns, VAT registration and VAT debt reminders
  • Annual Tax Summary email alerts.

Recognising fraudulent emails

Phishing emails often appear very convincing, but there are a number of signs which can help you to determine whether an email is fraudulent.

A fraudulent email is likely to have an incorrect ‘From’ address. The sender’s email address will often be very similar to a genuine HMRC address, for example the plausible, in order to mislead the recipient. More examples of some of the false email addresses frequently used can be viewed online at

Common greetings such as ‘Dear Customer’ may signify that the email is bogus, and you should also be cautious of any emails demanding urgent action, as criminals will often use such tactics to encourage an immediate response.

Links and attachments pose another potential threat. Phishing emails will often include a link to a webpage replicating those on the HMRC site. Although the page appears genuine, it may display fields requesting personal information or bank account details. You should also exercise caution when it comes to attachments in an email, as these may contain viruses designed to steal confidential information from your computer.

Reporting scams and suspicious contact

Any suspicious emails should be forwarded to If you believe you may have disclosed personal information by mistake, contact HMRC at Meanwhile, details of any misleading websites should be reported to Action Fraud – see or call 0300 123 20 40.

By remaining vigilant and following the above guidance, it is possible to minimise the risk of falling victim to phishing scams. For more information visit

news article default image

For more info contact us:

01865 292 200

020 7436 4773

© 2021 Shaw Gibbs Ltd

Your registration