Recently, it was discovered that various phishing emails and messages are attempting to break into the Brits. These emails are claiming to render a tax refund from the Queen’s Revenue and their Customs.
It is mentioned in the research which was published by Abnormal Security. It also describes the necessary details of the fraud incidents which happened during this period. The scammers are portraying themselves as the officials of the UK government in order to fool the taxpayers.
Structure of the malicious email
There several complaints which the officials have received in which they mentioned that users are receiving extremely convenient messages in their inbox. The messages stated that the receiver will get a tax refund from 2018.
The website page is designed and developed in such a way that it looks nice and authenticated. The website also contains similar graphics, style, font, and icons due to which it resembles the official HMRC website .
The statement passed by the Abnormal Security
The spokesperson of Abnormal Security stated that the URL which was attached in the emails is comprised of a link that takes the user to another website. This is the major reason due to which the hackers can easily steal personal and sensitive information from the user.
In addition to this, the cyber-criminals behind the scams have fixed a deadline that also claims the false date of tax refund and hence it forces the users to click on this link. The spokesperson further claims that at the time of refunding the tax is utterly sensitive.
The email was sent to the users on 16th April 2020 and the last date of tax refund was mentioned as 17th April. It is also mentioned in the email that if the user doesn’t follow they will lose the refund.
According to the researchers they have found a high level of information and details were included in the emails. The emails also have a fake landing page that was meant to increase the trust in the users.
According to the Abnormal researchers, the receivers are finding it very difficult to make out the difference between the real and the fake website. Besides, these pages are specially designed to take personal credentials and information from the user.
They further explained that the attacker made a convincing move. The subject of the email was appearing truthful including the subject, body and the payment reference.
Apart from this, the email’s body has got a legitimate value and date of the tax refund. The email also stated issuing, number, issuing date and transaction ID as well. Hence landing page was so similar that it was difficult to make out the original and fake tax claim page of government.
The cyber experts have warned the people to not open any such email because it can even corrupt your system and retrieve all your useful information. In recent times the government has also decided to take strict action against cybercriminals.
The users should also keep a thorough check on their mailbox and reach out to the security support in case they face such kind of situation again.