Students Warned Of Tax Refund Frauds

Britain's tax collection agency, Her Majesty's Revenue & Customs (HMRC) is warning university students to be wary of potential scams, especially if they have a part-time job and are new to interacting with the Tax agency. 

In the past year almost one million people reported fraud attempts to HMRC and higher numbers of students going to university this year means more young people may choose to take on part-time work and interacting with HMRC. They might be unfamiliar with the genuine contact processes from the department which could make them vulnerable to fraud

HMRC is a familiar brand, which fraudsters  abuse to add credibility to their scams and early half of all tax scams offer fake tax refunds by SMS or email, which HMRC does not offer.Links or files in emails or texts can also download dangerous software onto a computer or phone. This can then gather personal data or lock the recipient’s machine until they pay a ransom.The criminals involved are usually trying to steal money or personal information to sell on to others. 

Between April and May this year, 18 to 24-year olds reported more than 5,000 phone scams to HMRC. Mike Fell, Head of Cyber Security Operations at HMRC, said: "Most students won’t have paid tax before, and so could easily be duped by scam texts, emails or calls either offering a ‘refund’ or demanding unpaid tax... Students, who will have had little or no interaction with the tax system might be tricked into clicking on links in such emails or texts. Our advice is to be wary if you are contacted out of the blue by someone asking for money or personal information. We see high numbers of fraudsters contacting people claiming to be from HMRC." 

If in any doubt, the HMRC advise recipients of suspicious messages not to reply directly to do anything suspicious, but to contact HMRC through GOV.UK straight away and search GOV.UK for 'HMRC scams'.   

In the last year (September 2020 to August 2021) HMRC has:

•    Responded to 998,485 referrals of suspicious contact from the public. Nearly 440,730 of these offered bogus tax rebates.

•    Worked with the telecoms industry and Ofcom to remove 2,020 phone numbers being used to commit HMRC-related phone scams.

•    Responded to 413,527 reports of phone scams in total, an increase of 92% on the previous year. In April last year we received reports of only 425 phone scams. In August 2021 this had risen to 3,269.

•    Reported 12,705 malicious web pages for takedown.

•    Detected 463 COVID-19-related financial scams since March 2020, most by text message.

•    Asked Internet Service Providers to take down 443 COVID-19-related scam web pages.

By June this year, more than 680,000 students had applied to attend university and over 900,000 had held part time jobs during the 2020 to 2021 academic year offering criminals a large potential number of targets to attempt fraud

Action Fraud:        Gov.UK:      Gov.UK:

You Might Also Read: 

Vaccine Passport Scams:

« EU Competitions: Cyber Security Enthusiasts Invited to Enter
Facebook, WhatsApp & Instagram Suffer Massive Outage »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Radware

Radware

Radware is a global leader of application delivery and cyber security solutions for virtual, cloud and software defined data centers.

Thycotic

Thycotic

Thycotic prevents cyber attacks by securing passwords, protecting endpoints and controlling application access.

CERT.hr

CERT.hr

CERT.hr is the national authority competent for prevention and protection from computer threats to public information systems in the Republic of Croatia.

Covenco

Covenco

Covenco is a data management and IT infrastructure specialist. Working with customers to transform their IT environments, with data protection and security at the forefront of everything we do.

Electus Recruitment Solutions

Electus Recruitment Solutions

Electus is a leading recruitment specialist in the Engineering, Technology & Digital and Cyber & Security sectors.

ShadowDragon

ShadowDragon

ShadowDragon develops digital tools that simplify the complexities of modern investigations that involve multiple online environments and technologies.

SmartCyber

SmartCyber

SmartCyber is a company specializing in custom IT projects and Cybersecurity.

JM Search

JM Search

JM Search’s Information Technology Executives Practice sources the most sought-after technology roles including CIO, CTO, CISO, CDO and other senior posts.

Wayra

Wayra

Wayra connects Telefónica and technological disruptors around the world. As their preferred strategic partner, we scale them up to accelerate their business and ours.

Pelion

Pelion

Pelion Connected Device Services are the easiest way to securely connect and manage your devices, allowing you to focus on forging your future.

FTx Identity

FTx Identity

FTx Identity is the world's most advanced age verification technology (AVT) and identity management system.

Confidencial

Confidencial

Confidencial is a provider of solutions that help organizations secure their most sensitive information, regardless if that information exists inside or is shared outside the organization.

Exiger

Exiger

Exiger is revolutionizing the way corporations, government agencies and banks navigate risk and compliance in their third-parties, supply chains and customers.

Pistachio

Pistachio

Pistachio is the new evolution of cybersecurity awareness training and attack simulations.

Digital Security Authority (DSA)

Digital Security Authority (DSA)

The establishment of the Digital Security Authority, which incorporates the National CSIRT, is crucial to significantly raising the cybersecurity posture and capabilities of Cyprus.

RightSec

RightSec

RightSec is an emerging market leader and solution provider for cybersecurity and digital resiliency. We provide end to end solutions to suit your specific business lifecycle.