HMRC fraud warning emails baited by phishers UK taxpayers were targeted by a tax fraud scam mail run late last week. Fraudulent emails (sample extract below) tried to scare recipients into handing over confidential details to a bogus website in response to supposed allegations that the prospective mark was hiding some of their income. Tax Type: INCOME TAX Issue: …
There have been huge numbers of IRS emails circulating for some weeks now. Kind of gives it away when they spam addresses at some of my web sites and I receive messages to 'donotreply@...' , 'news@...' and other such links. And having never been a taxpayer in the US (except for a few months in 1992) it was quite easy to see them for what they were.
That's the thing the spammers don't get - the more copies of an email you receive, the more suspicious you are going to be. The best protection joe public can get after their AV/Antispam software is to run two or three email accounts. If you accept that all will make it into the spam lists (or even arrange for that to be so), it makes it a lot easier to spot the phishing messages for what they are.
Yes, run lots of email accounts, one for each correspondent. If HMRC send an email to the one I have issued for their exclusive use then I might have to pay attention. To any other address and it must be spam. If anyone else uses the correct address then HMRC's data security is up to the usual gov.uk standard.
"HMRC's policy is to only contact taxpayers by post."
I'm assuming that statement is included in the article because HMRC have claimed it. Strictly speaking, it is not true. If you submit your VAT online and provide them with an email address, you will receive your reminder by email instead of being sent a VAT return.
It's a different tax, but it's still HMRC and people who pay it are still taxpayers.
(Unless they are claiming a refund, obviously).
2007-01-08: http://www.theregister.co.uk/2007/01/08/hm_revenue_phish/ - "HM Revenue phish surfaces"
2008-02-22: http://www.theregister.co.uk/2008/02/22/hmrc_phishing_attack/ - "HMRC data debacle used to bait phishing lure"
2009-01-08: http://www.theregister.co.uk/2009/01/08/hmrc_tax_refund_scam/ - "HMRC warns over tax email scams"
2010-01-18: http://www.theregister.co.uk/2010/01/18/hmrc_scam_emails/ - "HMRC fraud warning emails baited by phishers"
Can anyone see a pattern?
Taxes are the biggest fraud there is. Instead of mending roads or supplying the armed forces with the stuff they need (the putative purpose of the money they extract) most of it is shamelessly wasted on buying votes with entitlement programs and employing little Hitlers to give the ever shrinking productive sector of the population a hard time. And if you don't pay what they think you should be paying, they send the boys around.
When I submitted my self assessment return online, I received an acknowledgment by email, so they are lying about that too.
As someone who bought a fax machine around 14 years ago, I can tell you nobody related to the government has ever faxed me, nor my bank, or parcel delivery company, so if they can't be arsed using a fax, why would they use email? I'm pretty sure they'd be traditional and send a letter in the post.
Anyway I've got to go, I've got to provide my personal details to a bank I'm not with so they can re-install their SSL (yes I am joking)
Indeed, HRMC unless indicated for some online enrolements generally communicates via postal mail.
I have a belt and braces in so much that I also have an an accountant who prompts me periodically to hand over large amounts of cash to the HRMC.....
Finally, one peice of joined up ness or commerciall awareness? My banks e-payment service has the ability to search for variouse accounts and also recognises and provides prefilled details for the various HMRC accounts.... Thus reducing the probably of finger trouble and gmaking someones dya by randomly depositing cash into their accounts.
(thank heavens for the bank of Nigeria that sent me the helpful mail - only kidding)
It does raise the question that after all these years people still fall for these tricks....., and they are allowed to vote and have kids - but need a license for a dog or TV?
most of the time the the emails are more poorly written than my posts on internet dicsussion forums and they dont even seem to have gone to the trouble of going to the authentic websites to grab decent graphics or logos..... that said i once did see a convincing paypal mail, until you checked the return link!? butt 999/1000 are pure tosh!
The theft of UK taxpayers' money by dull-witted online opportunists is a scandal that should've been addressed long since.
Where the latest Self Assessment online returns are concerned (tax year 2008-2009) I've just finished mine and yes. . . I have a HMRC email acknowledgment, NOT a surface mail communication, to confirm "successful submission". As several thousand such emails will have been sent out by HMRC already this month, the notion that it only communicates by post is plain daft.
This year's SA online Returns process represents business as usual, i.e.: garbage as usual.
A few years back, for example, the Revenue allowed returnees to enter individual details about individual income streams in separate text fields. Last year, that was scrapped, because it was just too sensible for any Government agency to contemplate. Instead, you had to shove all the details into a single box, upon completion of which you received a bright red ERROR warning to the effect that you'd used too many characters.
The Revenue could have said before you even started that a character count restriction applied but no, it couldn't be arsed: just fill it in folks, and after yo;u've wasted your time doing that, we'll then lament your lack of psychic ability.
The Revenue could also have foreseen that the imposition of a restricted character count was absurd in view of the volume of information it was instructing the returnee to give (name of provider, gross amount, net amount, address of provider.)
I have four separate private pensions, all worth slightly more than nowt, and finally gave up trying to fit everything into the single bloody box and so entirely omitted all the address details I was being commanded to supply.
The submission, without the mandatory details sought by HMRC was instantly accepted by HMRC. Never mind the actual quality of the information I provided: if it conforms to the half-baked criteria of some inept jobsworth, well, that's all that matters.
This year, the "single box" remains but this time, the Revenue has given up on the idea of obtaining any address data at all, defeated as it presumably is by the restricted character count which the Revenue itself has imposed on itself.
Instead, it wants all information screwing up together in a big ball of text and if you insert a para mark to distinguish one entry from another, or a colon to indicate the relationship between a word and a number, then o-mi-god no: ERROR ERROR ERROR. . .
Paragraphs are not permitted. Colons are not tolerated. Anything that might minimise the chance of information being garbled, misrepresented or misunderstood is absolutely not allowed. Shove it all in, and if it's the dog's bollocks from start to finish, well, uh, it's OK, it's all that the technologically-challenged HMRC can possibly cope with.
The Revenue has brought in something called 'work sheets' to enable the user to calculate various totals by inputting different income data from different sources into different fields. Predictably, however, the facility doesn't work: the instant a user inputs data which accurately reflects the tax arrangement imposed on her / him by the Revenue, the, er, Revenue cannot begin to comprehend any such arrangement, and so the work sheet falls over.
So if, as in my case, I input £x amount for a pension, and then in the tax field below it £0.00 (because the Revenue has decided that this particular pension should be paid to me tax-free, with the other pensions incurring the tax levies) ERROR ERROR ERROR is blasted over my computer screen because you can't enter £0.00 at all, very very naughty, slapped wrists all round, you must complete BOTH fields with, um, figures other than zero.
Nearing the end of the protracted online process, you're invited to save or print your completed return in .pdf form.
But the Revenue's IT people have no bloody idea at all of the "save as" target facility, so no, you can't do that but must instead endure a line-by-line download of the multi-page document. Except you don't, because the process locks up halfway through. The .pdf files never arrive.
Which is why I have to screen capture my SA return every year.
(You're also encouraged to download Adobe Reader if you don't have it, advice to the masses which really shows how brilliant the Revenue IT folks are when it comes to the dumping of bloatware on computer users throughout the land. . .)
Finally, you click on 'submit' and an egg timer appears and spins and generally tasks itself to cope with the demands of omelette-making for 10,000 diners simultaneously.
Which means it eventually stops dead and nothing is submitted and you're told to come back later and try again, except when you click 'next' to get out of this mess you're asked to re-input your username and password so as to kick-start the entire submission process again when all you really want to do is see if Moira Wotsername is still conscious in that airless cupboard under your stairs.
This week, I made five wholly unsuccessful submissions and each time was told either to come back because HMRC was busy, or HMRC was "experiencing technical difficulties" or HMRC's "submissions service" was not operating "at this time".
And of course, after all these on-screen warnings about how severe the failures were, I then naturally received an email from HMRC to say yes, your submission was successful ("naturally received", because HMRC does this to me every year: it repeatedly tells me I haven't succeeded in submitting anything and to come back later, and then when I don't come back later, sends me an email to say I have submitted everything.)
Meanwhile, Moira wotever-her-name ages so rapidly because of both the stress and the time it has taken me to undertake one simple online data process that not only has she no chance at all of ever being a BBC news reader again, or being a judge on Celebrity Factor Dance Slumdog Millionaire Brother Idol, she's now so bloody old The Queen hasn't even got a Birthday Telegram available to send her, there being nothing higher than 110 in the Royal stationery cupboard.
Though the existence of intelligent life within HMRC is always a dangerous presumption to make, the existence of an actual IT department managed and staffed by people with some slight knowledge of computing is so unreal a prospect that no-one anywhere could contemplate it.
Hence my opening remark, about the way tax payers' money is being stolen.
There's a bunch of anonymous half-wits out there who never user-test the stuff they create; are not overseen by any responsible agency or individual; and who every year receive Gawd knows how much in the way of tax payer funding in order to perpetuate their terminal incompetence.
They don't even seem to give a sod for how poor Moira feels, either.
Why the lot of 'em aren't under arrest, I've no idea.
Wholeheartedly agree.
Here in Finland we have a "Computer Driving Licence":
http://www.tieke.fi/in_english/computer_driving_licence/
You won't be allowed to bloody well _look_ at a computer through 3 layers of bullet-proof glass, let alone touch one, or get a job without it. (I haven't got one, BTW)
So, how these muppets/PFY's think they can design forms beats the living shit out of me.
Sheesh, I can count on the finger of one thumb the time I've used a form that actually permitted me to enter the information they needed to know.
We wonder why the Biro pen's becoming popular again.
Beggars belief.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
