With the end of the chaotic tax season over and the close of the tax year approaching, fraudsters have started to push their fake HMRC campaigns out in order to trick users into clicking links embedded into emails.

A Cyber Wise user has reported spotting two of the illegitimate emails in their personal Hotmail inbox this morning, both emails are identical but have been sent from different Hotmail addresses.

The user who has reported the phishing attacks has never sent or received emails from either of the two addresses in the past. The likely reason for them receiving the emails is due to their email address being stolen in a previous breach and then sold on the dark web.

The two inboxes sending the phishing emails have most likely had their credentials stolen, with the accounts now being used to send fake HMRC emails to large amounts of addresses purchased from the dark web.

It is important to note that HMRC NEVER email customers who are due a tax refund, any tax refund notices are sent by letter through the post.

Cyber Wise recommends that everyone handles their emails with caution. Anyone who receives an email purporting to be HMRC should delete the email permanently without replying or clicking on any of the embedded links.

Learn more about Phishing emails and how to prevent an attack by visiting our dedicated Phishing page?