/ Home & Energy, Money

Update: We busted another council tax refund scam

scam

You’ve received a text or email from ‘HMRC’ telling you you’re due a tax refund. It may look legitimate, but chances are it’s a scam.

When my colleague, Mark Harrison, received a text from ‘govuk’ telling him he’d been overcharged council tax for the last two years and was owed a £482.50 refund his suspicions were aroused.

Mark explained that:

‘On first glance I thought the message could be genuine – April’s a period of tax changes, and to be honest I wanted to think I was owed all this money!

Scam text

‘It was when I saw the web address that I smelled a rat – it didn’t add up that HMRC would use a .co.uk and not a .gov.uk website. I clicked the link, and at a glance it looked completely legitimate, especially with the HM Revenue and Customs logo in the corner.

HMRC Refund Form

‘My fears were confirmed when they asked for far more details than they needed for a refund  – like the CVC number from my debit card, and there were also spelling mistakes on the website.’

A little digging revealed that this dodgy site had been set up earlier that day. So we got straight on to HM Revenue & Customs (HMRC) who confirmed it was a scam.

Update: 19 October 2016

Which? has busted another tax refund scam and reported the scam site to HMRC for it to be taken down.

The scam presents itself with three steps to swipe your details. First an email informing the recipient that they are due a tax refund. To access said tax refund the recipient of the email must click on the ‘refund’ link.

HMRC scam

The link takes you through to a what appears to be a security requirement page which appears to gather your email account password before sending you to the mocked up scam ‘HMRC’ phishing page.

Security details scam

Spotting a tax scam

HMRC told us that council issues are handled by each council itself and not centrally by HMRC. So if you are contacted by anyone purporting to be from HMRC about your council tax, you should smell a rat.

The offending website has now been taken down. But spotting a scam like this isn’t always easy.

HMRC told us that a text or email from them will never:

  • Notify you of a tax rebate.
  • Offer you a repayment.
  • Request personal information such as full address, postcode, Unique Taxpayer Reference or bank account details.
  • Give a non HMRC personal email address to send a response to.
  • Ask for financial information such as specific figures or tax computations, unless you’ve given prior consent and you’ve formally accepted the risks.
  • Send attachments, unless you’ve given prior consent and you’ve formally accepted the risks.
  • Provide a link to a secure log-in page or a form asking for information – instead you’ll be asked to log on to your online account.

Reporting a suspicious text or email

Unfortunately, there’s no way of knowing if there are any more sites like this one. So if you receive a text or email linking to a suspicious looking site then please let us know.

HMRC regularly highlights their own guidance on avoiding these scams through social media, their website and other communications channels. But you can also assist their investigations by sending the details of fraudulent text messages via email to phishing@hmrc.gsi.gov.uk.

If you ‘re worried that you’ve shared personal information with a scammer then our guide on identity theft can take you through the next steps for taking action, or you can follow our advice on what to do if you’ve given a fraudster your bank details.

Comments
Guest
Steve says:
4 May 2016

Not had a problem so far but banks encourage internet use and should do more to protect customers

Guest
Robin Watts says:
4 May 2016

We are now in the 21st Century yet Westminster behave as though nothing has changed since Canute. Neither they or the police seem to have the will to prevent fraud. I’m continually getting cold calls from people wanting to get onto my computer who claim to be from Microsoft, this has been going on now for some 8 years. We are in desperate need to tighten up laws to protect us the public from this everyday threat, what we need is both MP’s and police who are educated for proper response not the present thicko’s who inhabit Westminster i.e. sort it or go. Perhaps appropriate life sentences should be given rather than slapped wrists to act as a proper deterrent.

Guest
Dave says:
4 May 2016

Robin, you’ll be doing time in The Tower with comments like, ‘Thicko’s who inhabit Westminster!’ Save me a place will you? lol 🙂

Guest
Tania says:
4 May 2016

Twice in the last week. One posing as an American couple from Wisconcin and in need of a Private PA, got my details from a very well known and global job site. I thankfully averted but he was after money in the long run and the second on the very dubious gumtree where I’m trying to sell my bike. Posed as disabled and would send a courier. Turned out he was posting from UAE and of course, wanted money for the courier. Gumtree is a scam minefield and so is Paypal. This last scam caused me to delete my Paypal account. Sick and tired of it. I have to say though, the fake Paypal emails were very slick indeed and one has to check very carefully to spot the scam and fake details.

Guest
robert poole says:
4 May 2016

I recently upgraded my virgin account and have been bombarded with scams telling me my account with virgin was about to be closed and to follow their link.
I have complained to virgin that someone was selling information to scamers this of course was denied it had come from there it was just a coincidence.

Guest
Louise says:
4 May 2016

I had exactly the same problem, luckily I ignored them but it was not coincidence there must certainly be a link.

Guest
Annette says:
4 May 2016

I was having bad issues with my hotmail account and unable to get help, so looked on facebook for a hotmail page, Found one, rang the number and the cvhap got into my computer and saiod I had many bugs in the email account and he could protect it for 3 months at £99.00 or a year for £170 something or a 3 monthly thing. Asked for my card details and then I realised what a fool I had been and I called them back and cancelled the transaction saying it was a scam. Guy wasn’t too happy of course and bunged the phone down on me.
Luckily I got away with it, and no money came out or since.

I’ve had a similar experience before so you;d have thought I wouldn’t have fallen for it again, but I really thought it was a genuine hotmail support.
I’ve also had someone hack my amazon account before Xmas last year and amazon weas useless and it never even got reported to their fraud dept. I was lucky again as I managed to cancel the order for amazon prime and £342. worth of playstation as my credit card people were on to it soon.
Amazon customer service did eventually tell me how to avoid it happening again and that was to remove my card details each time I used the site. As they had no 3d secure extra password window from your bank, which I think is most important.

Guest
Ian says:
4 May 2016

I have received several emails scams purporting to be from Paypal. I knew they were false as they put ‘Dear Customer’ instead of my name. I reported one to Paypal and they confirmed it was not from them. However nothing has happened to stop them. Where are they getting these email addresses from!

Guest
Chantal says:
4 May 2016

My husband experienced the same problem with government website for renewing his driving licence. Government apparently warned people about the scam, but why didn’t they do something about it? We did get the money back eventually but it was long winded

Guest
Johnathan Kemp says:
4 May 2016

I recently paid an excess fee on an insurance claim by phone, using a credit card that I rarely use. Within 24 hours someone had used my card details to book two trips by uber and to purchase a pair of designer sunglasses. Luckily my building society spotted the activity and contacted me, so no money was lost.
I frequently get phone calls from “the windows operating system phoning about my computer”, these scammers have been calling for years now. It is well past time that responsibility for scams is passed to those who allow their message to be transmitted. When I contacted my telephone provider re the “windows” phone calls they were not interested. They are happy to charge for caller identification though. Phone and internet providers should be required to provide call and email blocking as part of the basic package.

Guest
Shahin says:
4 May 2016

I recently was a victim of sophisticated scam in my own home, the scammer was from India.
I reported to the fraud team of Met police and they was helpless and advised me to get internet security which I already have spent so much money on. Any security did not stop the scammer from remotely accessing my computer and stealing all my data, financial record crashing my computer with virus and transferring money from my back account to india.
I was able to give all these information to the police but they seems to have a laugh about it.
I find it ridiculous that the government put a blind eye to these issue unless it was the banks then the government will take public money to save the greedy banks while public has constantly suffered last 2 decades from a government that seem to advocate loss of public to capitalise as much money as possible. Also the government is obsessed with arresting Edward Snowden for making the public more safe. Also as far as I am concerned now there might be other people in India with my detail creating fake identity and there is nothing I can do.

[This comment has been tweaked to align with our Community Guidelines. Thanks, mods]

Guest
Terry says:
4 May 2016

I have dealt with Paypal and recently tried to cancel my account with them. They are a damned hard company to contact. I managed to unsubscribe, but that is all. I have never found them to be a fraudulent company, but find that that they constantly pester me to make more purchases
So I have recently cancelled all my credit cards, ensuring that I am now unable to make online purchases.
I do not make online purchases anymore. SORTED!

Guest

One piece of advice is, if “your bank” contacts you (phone or email) and asks you to get back to them NEVER use the link or phone number they quote, go to the bank’s genuine web site (google it is you don’t have it to hand or use a bank statement) and contact them via that.
Use a different phone (mobile) if you have one, or at least make sure you get a dial tone before dialing.
Web addresses, phone numbers and email addresses could easily be fakes and the person who answers a scammer. If it sounds the least bit suspicious or there’s some “hurry up” inducement check with the genuine company,

Guest

Which? itself could, perhaps, do more to educate us on scams and prevention. Instead of “promoting” Which University, Which Mortgage on tv adverts it could give advice on scams and avoiding them. I would have thought that would entice viewers to become members as much as the current adverts. and it would actually be doing consumers a service.

Guest
Rod Hart says:
5 May 2016

Shahin,

Whilst there is a lot of sympathy for your loss you will get none from Kaspersky, Norton/Symantec and all the others, they will stop most small time virus intrusions however a determined hacker will get through, a computer is only an amusement tool keep nothing on there to do with Banks, your Finances or Any Personal Details these are the jewels of life and need to be kept safe from everyone but yourself. Security is a pipe dream which can never happen no matter what steps you may take.
All the Best and I hope you get compensation for your losses and always remember BT Call Centers for Computer Problems are based in India and how many others we do not know about. Windows 10 has made life easier for anyone to spy on you and they can download anything they want and you will never know about it until it is too late. Frightening is it not.

All the Best

Guest
Lucy Earnshaw says:
11 July 2016

I got a Text message today from HMRC claming that iam entitled to a £265.84 tax refund and it says please visit “gov.hmrc-login.org.uk” to find out how to claim your refund and i could smell a rat that this is not from the real firm its a scam ..

Guest

Quite right Lucy. Any official government website will end in GOV.UK.

And if you were due for a refund, the HMRC wouldn’t text you but send you a letter, probably with a cheque attached.

Guest
Ann Parry says:
2 August 2016

There seems to be a new HMRC scam. My answerphone recorded the tail-end of a recorded message purporting to be from HMRC telling me that HMRC were taking court proceedings against and to press a number to speak to the person handling my case. I ignored it. The phone number displayed was 0114 303 1265.

Guest
Nigel says:
4 August 2016

My phone has just taken a message saying that the HMRC are going to sue me and I could press a number to speak to my case manager. I called the number back with my number withheld and got straight to a answer phone with a very brief announcement. I was all but convinced this was a scan because I’m sure they wouldn’t call me, it would be difficult to prove who they were and I’m sure there first approach would be by letter. I really feel sorry for any elderly people caught by this.

The best answer for all of these is to make outbound recorded phone messaged illegal. They are just too many issues surrounding this.

Well done which for highlighting this.

Guest

Like others, I used to get many scam callers on our land line – 2 or 3 per day was not unusual; I always found them more annoying than intimidating as they are pretty easy to fathom, and I usually gave them short shrift. However, I read the recent Which review on such activities, and was impressed enough by their review of the TrueCall call-blocking equipment to buy one. OK, it’s not cheap, at just over a £100, but it’s neat, easy to set up and use, and in the past few weeks I’ve been using, it I haven’t had a single scam call. Or at least, I haven’t been aware of any scam calls because the machine effectively sits between the scammer and my phone and will not put through any call where the caller doesn’t follow the simple intercept routine. My usual known callers get through without having to do this. Brilliant! Simples!!

Guest
John Hocking says:
26 August 2016

In addition to telephone calls claiming to be from ‘Microsoft’, I am now receiving spurious calls from ‘BT’, ‘Your Computer Manufacturer’ and vaguely named ‘market research operations’. Mostly they do not disclose their phone number in response to a ‘1471’ query, but even worse, some ‘silent calls’ are spoofing their number to one which is apparently fictitious. There seems no point at all in attempting to report such instances to Action Fraud since they appear to emanate from abroad. I do wonder whether BT is perhaps enjoying an income, albeit indirectly, from such misuse of the telephone system?

Guest
Laura says:
10 October 2016

[URL removed] Is that a scam or not

[Sorry Laura, we can’t allow this link to be posted as it seems to be a fake site to us – we can report this, so thanks for bringing it to our attention. Thanks, mods]

Guest

It worries me that so many people have such poor literacy that they cannot spot the spelling mistakes, typographical errors, and compositional flaws in fake e-mails which are almost always the give-away. There is even a typo in the introductory article [not a serious one though].

Guest

John and thats why I blame the schools for not teaching proper English , its way beyond the- but its only a few people like that stage now . You must learn the language of the country you were born in and,sorry to say discipline has gone right out the window -dont you dare talk to my wee johnny /jean like that I will call the police /social work dept. / child welfare / and get you arrested 10 years later -wee johnny has moved from grunts to learning the alphabet only he takes it from the first social website he comes across and ends up speaking in Internet abbreviation – wee johnny-vot R U sayin – wee johnny- dont you understand English ? me – wait till I get my 2016 Internet s**c to English translation book and then I will answer you. Wee johnny walks away crying – doesnt even know the English language time he went back to school !

Guest

Most of those I worry about are well past school age, Duncan. They are full-size grown ups who are getting caught out and seriously disadvantaged in their struggles with commerce. We see the occasional example on here.

Guest
Michael says:
22 October 2016

I’m a decorator and was once working for a Nat West Bank manager, and asked him if he banked on line, he said you must be joking I wouldn’t trust it as far as I could throw it, stay away from it, so ever since then I have.

Guest
Helen says:
28 October 2016

I’ve just received this very scam email about a Council Tax refund – my suspicions were raised as I wondered why HMRC and not the local council had emailed me. I’ve reported it. Shame it’s doing the rounds again, it does look genuine

Guest

Helen, it’s good that you’ve reported it. Did you send it through to phishing@hmrc.gsi.gov.uk? It’s really important to remember that HMRC do not send emails about any tax refunds. If you’d like us to report this to then please send us the details to conversation.comments@which.co.uk

Guest
Tania Munro says:
10 November 2016

Just received this scam today, so it has just changed email address. I did not click on the link, as I know HMRC do not deal with council tax refunds. BEWARE

At this moment we have to refund you 221.94 GBP council tax for the last two years.

Click HERE to submit the request.

Note : A request can be delayed, for submitting invalid records or applying after deadline.

HMRC
Room 2C/23
110 Parliament Street
London
SW1A 2BZz
At this moment we have to refund you 221.94 GBP council tax for the last two years.

Click HERE to submit the request.

Note : A request can be delayed, for submitting invalid records or applying after deadline.

HMRC
Room 2C/23
110 Parliament Street
London
SW1A 2BZz

Guest

Apart from the facts that the HMRC do not deal with Council Tax and never notify tax refunds via e-mails, there are at least two further give-aways in this scam e-mail :

1. An e-mail without a ‘£’ sign in front of the money amount indicates it was created where that key is not available on the keyboard.

2. The HMRC might well have rooms in a government [possibly Treasury] building in Parliament Street but no operational tax arrangements are dealt with there and personal taxation is handled at major regional centres.

Guest

I just received one of these scam emails today, so they’re still circulating. I was immediately suspicious, but checking the postal address they gave was the giveaway – they wrote “centre” as “center”.

Guest
Miriama says:
24 October 2017

Hi mi name Miriama.

I need an application for termination of health insurance.
Thank you very much.

Guest

To help you Miriama you need to supply details – British citizen ? Private company ?-termination of employment while still paying private health insurance ? it just goes on Could you be more precise and detailed ?

Guest

Hi Miriama, the best way to cancel health insurance would be to contact your provider directly. If you’re having issues cancelling your policy have a look at our consumer rights advice – http://www.which.co.uk/consumer-rights/l/private-healthcare

I hope this helps.