Slide 1 Slide 2

Tax
Hints & Tips

Lymm Village

Tax Hints and Tips

Lymm Village

Free hints and tips about tax and accountancy from Lymm Tax

Bogus emails from HMRC

Lots of clients have been receiving phishing emails purporting to be from HMRC or Companies House. So we thought it might be a good subject for a blog.

In the good old days these emails were relatively easy to spot: poor quality English, suspect sender email addresses, references to tax refunds and blatant requests for bank account details.

But increasingly the fraudsters are becoming more sophisticated and their emails less easy to distinguish from the real thing, even for accountants. The two I was forwarded by clients recently came from, what appeared to be, genuine HMRC addresses from which I have received other emails. The only thing to set the alarm bells ringing was the zip file attached. NEVER open these. Computer experts warn us they are dangerous and that they contain viruses or programs that hack into our bank accounts for example and certainly I have never seen HMRC send anything by zip file.

The other signs that the emails were not genuine were more subtle especially to the untrained eye. One client received an email about his CIS return. I knew he wasn’t in the CIS scheme but he doesn’t know his CIS from his VAT, PAYE or CT. Another client simply had an email saying the submission for reference number xxx/yyyy had been successfully processed. This looked very genuine except for the fact that the reference number given was not the client’s. HMRC send emails like this a lot but they never have attachments or links and generally come within a minute of you submitting something on-line.

The most recent dodgy emails from Companies House have said that someone has made a complaint against your company and you can find out about it by following the link. Again these are not genuine and anyone receiving such emails is asked to forward the whole thing to phishing@companieshouse.gov.uk and then to delete it. Like the banks, Companies House stresses that it will never ask you to enter security details by email.

Basically beware of all links and definitely don’t open zip files.