According to official figures, reports of HMRC-branded phishing scams have jumped from 572,029 to over one million (1,069,522) in the last year alone
The data, obtained by Lanop Outsourcing under the Freedom of Information (FOI) Act show that reports of suspected SMS scams shot up 52% last year, rising from 67,497 to 102,562 attacks. Email scams exploded 109%, up from 301,170 to 630,193. Meanwhile, reports of phone call scams increased 66% to 336,767.
Most of these scams claim tax rebates and refunds were available.
Cyber expert at Gigamon, Andy Harcup, said: “The sharp rise in HMRC-branded phishing attacks poses huge risks to businesses and individuals, with many organisations lacking the resources to identify and protect against malicious hackers. All it takes is a single employee to unwittingly hand over confidential passwords and user details and cybercriminals are free to enter and wreak havoc across the network.”
Tim Sadler, CEO of Tessian stressed: "Impersonating an authoritative organisation like HMRC is a tried and tested way for cybercriminals to create a sense of urgency and fear, to manipulate people into sharing financial information or credentials via phishing or smishing scams. And they've upped the ante, particularly over the past 12 months, in the hope that by sending more emails, more people might fall for their schemes.
"Sadly, spotting the scams isn't always easy, and hackers are making them even harder to detect. The general rule is to never click on links in unexpected texts or emails, even if you feel under pressure. Remember, you can always verify the request is real by calling the company directly or checking your online account."