Warning of 'sophisticated' phishing attacks targeting tax returns - here's how to spot them

Hackers have targeted the GOV.UK website with a sophisticated phishing attack. (Getty Images)

Hackers have created a fake version of the GOV.UK government website - and are luring victims to fake pages for tax returns and cost-of-living support.

Cybersecurity company Kaspersky says that the campaign could have lured thousands of users by directing them to fake government pages including pages for export licence applications. The attack appears to have been targeted for the peak season when people file tax returns, the researchers say.

The newly-identified campaign is understood to have already successfully stolen a significant volume of information from victims since it was launched in November.

How does it work?

Users were lured in by emails and text messages that appeared to be from the government but directed them to fake pages built to harvest information.

The fake pages closely resemble real GOV.UK pages.

The pages closely resemble real government pages (Kaspersky)
The attacks were sent out in emails and text messages (Getty)

The GOV.UK site was launched in 2015 and is now part of the UK’s national infrastructure. Millions of people use it every day to find the government services and information they need.

What data was stolen?

Kaspersky said that the compromised data included full names, email addresses, mobile numbers, home addresses, dates of birth, and financial information including credit card numbers, expiry dates and CVV numbers.

David Emm, principal security researcher at Kaspersky, said: "This campaign is as dangerous as it is unique, focusing on a range of targets who are reliant on government support – from small to medium sized businesses through to the most vulnerable in our society.

“The level of detail and scale of services being mimicked means that there are numerous ways this scam is catching people off guard.

“Phishing normally targets lots of individuals for relatively small amounts of information or money, but this is a very carefully crafted campaign that requires an extremely high degree of caution on the part of the recipient.”

Why did they launch now?

A significant number of individuals choose to use the holiday period to file their tax returns with HM Revenue and Customs, the researchers warned.

Data shows that over 22,000 forms were submitted for the 2021 to 2022 tax year over the Christmas period.

The timing of the scam is designed to coincide with an annual surge in GOV.UK users, with cybercriminals using email and text message campaigns that create a sense of urgency, curiosity, and fear in victims.

How can you avoid falling victim?

Be suspicious of any email purporting to be from the government which encourages you to click a link, Emm advised, adding: "Simply put, if you receive any sort of message encouraging you to click, don't.

"Manually search for the information and navigate your own way around a website. It may take longer, but it will keep you safe."