A new scam

HairyMcbiker · ‎16-02-2009

Well new to me anyway!
Just got this email from "no-reply@hmrc.gov.uk"

Quote
Taxpayer ID: ken-00000717113591UK
Tax Type: INCOME TAX
Issue: Unreported/Underreported Income (Fraud Application)
Please review your tax statement on HM Revenue and Customs (HMRC) website (click on the link below):
review tax statement for taxpayer id: ken-00000717113591UK
HM Revenue and Customs

Now the link is to:-
http://online.hmrc.gov.uk.esssaze.co.uk/SecurityWebApp/httpsmode/statement.php?id=8926517549855721851799691975129305358417668807454786&email=xxx@yyyyy.co.uk&tid=ken-00000717113591UK
And the header shows:- X-Mailer:Microsoft Outlook Express 5.00.2919.6600
Nice to know the good folk at HMRC are using M$ OE for their email client as well!

Since if anything the gov owes ME money, I don't think I will be clicking on the link

Alex · ‎05-04-2007

I've been getting a load of those as well.
No idea what's on the other side of the link, I suspect something nasty.
Not that I click on any links from e-mails, but I use a bare VM for sites/apps I'm not quite sure on.
So if anything happens I'll just trash it

thejudge · ‎01-08-2007

As someone who works for HMRC (for a given value of 'work' and a given value of 'for' ;)), I can tell you all that HMRC never communicate with 'customers' (as we now must call you) by e-mail.
There are two reasons for this:
1) Data security: all settings have been at 'maximum paranoia' since that business with the lost CDs a couple of years ago (we can't even send 'customer' data via internal e-mail); and
2) Only about 20% of staff in the Department have got external e-mail access anyway.
And we're using M$ Outlook 2003 and Exchange, FWIW

HairyMcbiker · ‎16-02-2009

I am well aware that no council department would send this by OE, let alone a government one, that was one of the items I thought strange, the main one was the dodgey web site address. I don't ever click on a unrequested link like that. The first thing I do is examine them and if I can pass on the scam to someone who's web site has been hacked then I will but this one looked like a site setup to garner bank details etc. (Just from looking at the link not from visiting the site, I hasten to add)

Alex · ‎05-04-2007

On the subject of new scams .. I got this today:

Quote
Attention!
On October 16, 2009 server upgrade will take place. Due to this the system may be offline for approximately half an hour.
The changes will concern security, reliability and performance of mail service and the system as a whole.
For compatibility of your browsers and mail clients with upgraded server software you should run SSl certificates update procedure.
This procedure is quite simple. All you have to do is just to click the link provided, to save the patch file and then to run it from your computer location. That's all.
[URL Removed]
Thank you in advance for your attention to this matter and sorry for possible inconveniences.

System Administrator

MrC · ‎17-07-2008

Quote from: biker955
Now the link is to:-
http://online.hmrc.gov.uk.esssaze.co.uk/SecurityWebApp/httpsmode/statement.php?id=8926517549855721851799691975129305358417668807454786&email=xxx@yyyyy.co.uk&tid=ken-00000717113591UK

First time I've got one however SWMBO has had a few in the past. The link in mine would have sent me to online.hmrc.gov.uk.neaazan.cn though and there's probably others.
There is an email address you can forward these to - phishing@hmrc.gsi.gov.uk - although I'm not sure what they can do about them.

A new scam

A new scam

Re: A new scam

Re: A new scam

Re: A new scam

Re: A new scam

Re: A new scam