Students Warned Of Tax Refund Frauds

Uploaded on 2021-10-04 in GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Financial

Britain's tax collection agency, Her Majesty's Revenue & Customs (HMRC) is warning university students to be wary of potential scams, especially if they have a part-time job and are new to interacting with the Tax agency. 

In the past year almost one million people reported fraud attempts to HMRC and higher numbers of students going to university this year means more young people may choose to take on part-time work and interacting with HMRC. They might be unfamiliar with the genuine contact processes from the department which could make them vulnerable to fraud

HMRC is a familiar brand, which fraudsters  abuse to add credibility to their scams and early half of all tax scams offer fake tax refunds by SMS or email, which HMRC does not offer.Links or files in emails or texts can also download dangerous software onto a computer or phone. This can then gather personal data or lock the recipient’s machine until they pay a ransom.The criminals involved are usually trying to steal money or personal information to sell on to others. 

Between April and May this year, 18 to 24-year olds reported more than 5,000 phone scams to HMRC. Mike Fell, Head of Cyber Security Operations at HMRC, said: "Most students won’t have paid tax before, and so could easily be duped by scam texts, emails or calls either offering a ‘refund’ or demanding unpaid tax... Students, who will have had little or no interaction with the tax system might be tricked into clicking on links in such emails or texts. Our advice is to be wary if you are contacted out of the blue by someone asking for money or personal information. We see high numbers of fraudsters contacting people claiming to be from HMRC." 

If in any doubt, the HMRC advise recipients of suspicious messages not to reply directly to do anything suspicious, but to contact HMRC through GOV.UK straight away and search GOV.UK for 'HMRC scams'.   

In the last year (September 2020 to August 2021) HMRC has:

•    Responded to 998,485 referrals of suspicious contact from the public. Nearly 440,730 of these offered bogus tax rebates.

•    Worked with the telecoms industry and Ofcom to remove 2,020 phone numbers being used to commit HMRC-related phone scams.

•    Responded to 413,527 reports of phone scams in total, an increase of 92% on the previous year. In April last year we received reports of only 425 phone scams. In August 2021 this had risen to 3,269.

•    Reported 12,705 malicious web pages for takedown.

•    Detected 463 COVID-19-related financial scams since March 2020, most by text message.

•    Asked Internet Service Providers to take down 443 COVID-19-related scam web pages.

By June this year, more than 680,000 students had applied to attend university and over 900,000 had held part time jobs during the 2020 to 2021 academic year offering criminals a large potential number of targets to attempt fraud

Action Fraud:        Gov.UK:      Gov.UK:

You Might Also Read: 

Vaccine Passport Scams:

« EU Competitions: Cyber Security Enthusiasts Invited to Enter
Facebook, WhatsApp & Instagram Suffer Massive Outage »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Ethio-CERT

Ethio-CERT

National Cyber Emergency Readiness and Response Team of Ethiopia.

OCERT

OCERT

OCERT is the National Computer Emergency Response Team of Oman.

BTWorks

BTWorks

BTWorks provides identity management and anti-phishing / smishing solutions for web and mobile apps.

Johnson Controls International

Johnson Controls International

Johnson Controls is a global diversified technology company with a focus on smart cities, energy, infrastructure and transportation including the security of automation and control systems.

NFIR

NFIR

NFIR is a specialist in the field of cyber security incident response and digital forensics.

MISP Project

MISP Project

The MISP threat sharing platform is a free and open source software helping information sharing of threat intelligence including cyber security indicators.

Depth Security

Depth Security

Depth Security assessment services provide organizations with real-world visibility into threats facing their infrastructure and applications.

Otorio

Otorio

OTORIO delivers industrial cybersecurity and digital risk-management solutions and services. We help our customers to keep their revenue-generating operations resilient, efficient, and safe.

CyberCatch

CyberCatch

CyberCatch provides an innovative cybersecurity Software-as-a-Service (SaaS) platform designed for SMBs.

Anonos

Anonos

Anonos is a global software company that provides the only technology capable of protecting data in use with 100% accuracy, even in untrusted environments.

Metallic.io

Metallic.io

Metallic (formerly TrapX) is a SaaS portfolio for enterprise-grade backup and recovery, designed to protect your data from corruption, deletion, ransomware, and other threats.

SignMyCode

SignMyCode

SignMyCode is a one-stop shop for trusted and authentic code signing solutions to safeguard software.

Prembly

Prembly

Prembly are a compliance and security infrastructure company.

US Cyber Games

US Cyber Games

US Cyber Games is committed to inform and inspire the broader community on ways to develop tomorrow’s cybersecurity workforce.

CyberCure

CyberCure

CyberCure provide specialised roles and services to manage your organisations cybersecurity requirements and professional advisory services in governance, risk and compliance.

Post-Quantum Cryptography Alliance (PQCA)

Post-Quantum Cryptography Alliance (PQCA)

The alliance seeks to address cryptographic security challenges posed by quantum computing by producing high-assurance software implementations of standardized algorithms.