Scam watch: ‘HMRC’ phishing emails

Advance fee fraud, commonly known as a 419 scam, is one of the most prevalent and widely known scams on the internet. The number 419 refers to the article of the Nigerian criminal code dealing with this type of fraud, as the practice originated in Nigeria but has since been adopted by criminals in many other countries.

Never send money in advance in order to receive money back. If expenses are needed to process a payment due to you, in a genuine scenario those expenses would be funded directly from the money due to you.

Ditto Sophie, I have had several email’s telling me of rebates due, I have reported them as scams then delete them and they just go to my spam box now. I thought everyone knew this was a scam now. HMRC have posted this on media sites and reported this on the news. I can’t see how we can expect them to do any more.

Although I appreciate this is a serious matter, hats off to the guy. This would have made one of the best April fools ever. He should be employed by HMCTS to combat security breaches… after serving the time he must.

Yes, even the judge described him as “ingenious”. However, the prison staff were quite the opposite of ingenious for falling for it, particularly as they should have know the nature of the offences for which he was on remand.

It reinforces your previous point that people naively trust e-mail addresses. Apparently it wasn’t the actual Court address that was used on the fake e-mail but one like it. I expect a head is rolling in that gaol now [metaphorically I mean].

What happend here I do not fully understand

Some of the banks do have such a system, but the banks are largely powerless to solve the problem. The phishing web sites that victims are encouraged to visit are usually hosted on compromised PCs in jurisdictions with poor law enforcement. By the time that the authorities can shut down the site, the scammers have already moved on to another compromised PC. Shutting down domain names or sub-domains can be an effective course of action, but not always effective.

I believe that the banks and other organisations could do a lot more to help people avoid email scams. For many years I have been forwarded emails where friends have been suspicious of emails. In almost all cases it was very easy to find other reports of the scam and send an appropriate link to my contact.

Why cannot the organisations offer some online support to everyone who is concerned about a possible scam? If users are told to copy/paste some of the text into a web search, they can easily identify most scams for themselves, but providing an email address for notification of scams is essential in my opinion.

I agree with you John, I am also surprised that they would fool anyone. I do still get the odd one from African countries trying to get me to do a bit of money laundering for them. I tend to think if you expect something for nothing that is what you will get.

I do also get the odd one from banks and paypal saying my account has a problem and they will freeze it unless I contact them, usually it is banks I do not use. My own bank always warns that they will not contact you this way and what information they will ask for and always stress they will never ask for a password.

So again I agree, why are people still falling for these scams?

I think in 25 years I have never had an e-mail from a bank or HMRC or savings or investment organisation containing any personal information or data or on a matter requiring my attention [as opposed to marketing material]. I think it is safe to delete anything from such organisations, along with anything that purports to come from them, and you’ll be no worse off.

That’s encouraging John. I had not paid enough attention to the emails to be sure of this.