/ Motoring

Did scammers know about my DVLA renewal?

We’ve covered DVLA scams before, but this one caught my eye due to how closely-tied it was to my real vehicle tax renewal. How did the scammers know?

While the last scam DVLA email we looked at told drivers that they were ‘not up-to-date’ with their vehicle tax, this one takes things one step further.

When I received my vehicle tax renewal in the post a while back I, like most people these days, opted to pay it online.

Everything went through as normal, but just two days later, an email appeared in my inbox that made me look twice.

Your latest vehicle tax payment failed

Even though my account flagged the message as spam, the professionally worded subject title, along with the presence of the ‘customer number’ made me open things up for a closer look.

Fortunately the email address it came from acted as a dead giveaway, but the email arriving so close to my legitimate renewal does beg the question; had my data been leaked somewhere? How did the scammers know?

DVLA and Which? advice

I let our consumer rights expert, Amelia Wade, know about the email – she got in touch with the DVLA to ask them about the scam.

Amelia Wade

The DVLA assured us its sytems are secure, built to government standards and checked regularly for any vulnerabilities.

It is, however, good practice to regularly clear your browsing data, keep your browser up-to-date, ensure you’ve got a good antivirus software and have good password hygiene.

Scammers are becoming increasingly conniving, so trust your spam filters and take pause to think if you’re being asked to input payment details after following a URL.

It can’t be ruled out that this case in particular could have been a coincidence – it’s not uncommon for scammers to chance their arm with multiple emails at different times.

With clever DVLA scams targeting drivers regularly, we’ve written a new guide on how to spot them, so you can stay ahead of the fraudsters.

Read our new guide to DVLA scams

We’ve included examples of the scam texts and emails themselves, as well as advice on what to do if you think you’ve followed a scam link.

Have you received a DVLA scam email just days after your real vehicle tax renewal was due? Let us know if they were clever enough for you to open them up, and if your spam filters were on the ball.

Comments

Go traditional – renew by phone! I’ve heard too many bad things about the DVLA website

They could easily call with a scam cold-call, or even send a scam letter – not using the net reduces that chance, but it still possible to be scammed

Vernon Lewis says:
20 February 2019

Renewed tax on line . Then had dvla mail advising were due a rebate . Not true , did’nt reply , obvious scam .

Davy Jones says:
23 April 2019

I had the same as you but as my wife is disabled no money changed hands so how could we be due a rebate

Tom Crawford says:
26 February 2019

I paid my vehicle tax on line in January and true to form received email supposedly from DVLA 4 days later stating Rod Tax was due and all the requirements to pay online, Phoned DVLA and they confirmed they knew of this scam and assured me that DVLA never email except for confirmation of your payment.

Not DVLA, but another vehicle scam………

I got a text supposedly from webuyanycar that said:

Important Details: Your valuation for RJ57*** is £1005. To book an appointment at your local Hemel Hempstead branch please click here http: // wbac.ly/ 2gU3Gsn2X
The link is genuine with a few spaces added.

There are many much near branches to me than Hemel Hempstead so the scammer doesn’t know where I am but……….

The vehicle registration is from a genuine vehicle that does not belong to me.

It is a white, diesel Ford Transit with over 127,000 miles and a chequered past that needed a fair amount of work to get it through the MOT in November 2018.

So what is the scam? I haven’t found anything by Googling other than wbac being called scammers for their low valuations.

Will do George.

Email sent.

I too received an email within days of renewing my car tax on-line.

I too received an Email soon after renewing on-line saying my payment had failed , but as I had ticked the box saying I wanted a confirmation Email of my renewal I was not in the least bothered . I had my Email confirmation so as far as I was concerned that was that !

Sam Butt says:
13 April 2019

I’m not altogether sure the DVLA site is secure. I renewed my Father and Mother’s driving licences for them online. I filled in my Fathers form and then filled in my Mothers using autofill to save a bit of time with the address etc. My Mother got her driving licence through a few days later. My Father never got his through. DVLA insists I filled in the wrong address, despite the fact my Mother got hers through and her details were filled in by Autofill from my Dad’s form. When I went to retry sending the e form again for my Father after we were told we had to retry, the correct information was all still there in my tablets memory, correct address and everything. The government agencies like to claim the are infallible, they are not. Something fishy was going on there. Either someone at DVLA changed the address to divert the licence or someone outside did. Either way, it’s still a data breach.

Neil Brinkworth says:
13 April 2019

All the scammer needs is someone’s email address and their vehicle registration number then they can find out which month the tax is due online. Posting a picture of your car on social media makes it easy for them!

Chirine says:
13 April 2019

I rhope ecived my notification for the renewal of Road Tax due on my vehicle. Having obtained an MOT, I taxed my car as usual online. Thank Goodness all was well, as expected.

CAROL DIGGINS says:
16 April 2019

I received notification today, allegedly from DVLA, saying my online payment had failed. This was 11 months after I made it!!!!!

A piece of advice, always check the email address that the renewal has been sent from. I am talking about the “@gov.uk”. The email address in the screen shot above is “secretary@” which kind of gives it away. Never follow links that have been provided in a email, always go straight to the DVLA website to make payments ect!

A British English speaker would write, ‘has failed’ not ‘failed’.

I assumed that Carol was correctly using reported speech. The document might actually say, “your online payment has failed” but when reporting the statement it was necessary to use the past tense.

Personally I doubt that the scammer was sufficiently conscious of the subtleties of English usage to get that detail right. The quality of written English has declined so far now, especially in the media, that there are very few examples available of the orthodox use of reported speech.

This refers to the introduction where we are told that: “Your latest vehicle tax payment failed” appeared in a scam email purporting to be from the DVLA.

I assumed that Carol Diggins [to whom Josquine was responding] was quoting from the letter she had actually received.

I just had a scam where they said my direct debit had been refused and needed to go online and register a new DD. I did as the site looked correct but forgot the obvious in that DVLA would not send an e-mail saying so. Luckily for me the bank picked up a spurious attempt to use my card and blocked the payment for some £299 i am now without my card until new one is issued. Dodged a bullet could have been far worse. The issue is that it did coincide with my payment schedule which makes me think there system is breached.

I renewed my vehicle tax today, online via the DVLA website as I always do. Within a couple of MINUTES (literally) I received a spam email saying the payment is incomplete, and to click the link to complete the process. The email arrived a minute or so after the DVLA confirmation email. HOW??? Scammers must have direct access to the DVLA transactions! How else could it be possible that they contacted me immediately?? The address it came from is: support[at]vehicleinformation.uk The link in the email is longish, and has no obvious connection to the DVLA. I have reported it to gov.uk phishing, but feel the fact it came through so fast suggests the DVLA database is NOT secure, and others should be made aware.

Helen, another possible explanation would be if your Internet security were compromised, eg by tracking cookies that detected your transaction with DVLC and then targeted you for this scam.

Owen Biewahn says:
13 July 2020

DVLA system may be secure be secure but unfortunately I suspect some of their staff may not be.

Here is my take on things because I am a technology guy.
Scenario:
Your vehicle tax expires on 1 July 2020, you renew 5 days prior and your new expiry date is 1 July 2021.

If a company has your name, address and vehicle registration and email. They can create an automated tool (API interface for geeks) which checks the DVLA vehicle tax status. Once the tax status changes at DVLA side, all they have to do is send you a message saying the renewal failed and then send you a dodgy link to renew.

This is only possible if the company has your details already and its almost impossible to obtain these details from the DVLA because their system is pretty secure. Vehicle & owner information falls through cracks for example, buying and selling, using untrustworthy repair garages etc.

I hope that helps.

Rebecca says:
15 July 2020

I received an email stating my payment on my tax hadn’t worked so now been cancelled 😒 I checked my registration through DVLA and my car’s taxed so clearly scam .