HMRC TAX SCAM – If you get this surprising ’refund’ e-mail do NOT click on it

The HMRC tax return deadline was at the end of last month, and now people are being warned to stay away from a rebate e-mail being circulated by scammers.

Action Fraud UK, the national fraud and cyber reporting centre, have received several reports of people receiving the HMRC scam tax e-mails.

The e-mail, posted on Twitter, may at first glance look legitimate, with the HM Revenue & Customs logo at the top and an alleged refund number and a large rebate amount.

To claim the alleged tax refund, the e-mail urges users to click on a hyperlink and complete a “required form”.

However, this just links to a malicious website designed to steal sensitive personal and financial information from the victims.

But there is one big giveaway that should tip people off that the e-mail is a scam. 

The sender for the message is not a UK government address, but the e-mail is actually linked to a domain in Italy.

Tweeting about the scam, Action Fraud UK said: “We’ve got several reports about these HMRC phishing emails being sent from an Italian domain that passes through Finland! 

“Don’t click, this isn’t something @HMRCgovuk would send! 

“The good news is HMRC shut down 16k malicious websites last year #PhishyFridays”.

Alongside the tweet was an image showing an example of the scam e-mail, and advice on what to do if it drops into your inbox.

Action Fraud UK said: “This fake email contains links to a malicious website that steals your personal and financial details.

“Don’t open attachments or click on the links within any unsolicited emails you receive.

“Criminals can spoof email addresses to make it appear as though the email was sent by a person or company you know.”

Express.co.uk has contacted HMRC about the scam e-mail for comment.

Action Fraud on their website have issued advice to people to help them spot phishing scams. 

Here are their pointers and tips:

ACTION FRAUD – HOW TO SPOT PHISHING SCAMS

• Their spelling, grammar, graphic design or image quality is poor quality

• They may use odd ‘spe11lings’ or ‘cApiTals’ in the email subject to fool your spam filter

• If they know your email address but not your name, it’ll begin with something like ‘To our valued customer’, or ‘Dear…’ followed by your email address

• The website or email address doesn’t look right; authentic website addresses are usually short and don’t use irrelevant words or phrases

• Businesses and organisations don’t use web-based addresses such as Gmail or Yahoo

• Money’s been taken from your account, or there are withdrawals or purchases on your bank statement that you don’t remember making