HMRC Phishing Emails: How To Spot & Report Suspicious Email
Complete Guide to Identifying Tax Refund Scams and Protecting Your Personal Information
HMRC received over 1.2 million reports of phishing and scam emails in the last year alone, with tax refund scams accounting for 67% of all reported incidents. Victims lost an average of £1,200 to these sophisticated fraud attempts.
What Are HMRC Phishing Emails?
HMRC phishing emails are fraudulent messages designed to trick recipients into revealing personal information, financial details, or login credentials by impersonating Her Majesty’s Revenue and Customs. These scams often promise tax refunds or threaten penalties to create urgency.
Common Characteristics of HMRC Scams:
- Unexpected tax refund offers
- Urgent requests for personal information
- Threats of legal action or penalties
- Requests for payment via unusual methods (gift cards, cryptocurrency)
- Links to fake HMRC websites
How to Spot HMRC Phishing Emails
Genuine HMRC communications will never:
- Notify you about a tax refund by email
- Ask for personal or financial information by email
- Request your PIN, password, or bank details
- Use threatening language to prompt immediate action
- Send attachments you weren’t expecting
Example 1: Tax Refund Scam
Subject: Your HMRC Tax Refund of £428.65 is Ready
Dear Taxpayer,
We have calculated your last year’s tax payments and you are eligible to receive a tax refund of £428.65.
To receive your refund, please click the link below and complete the refund form:
SUSPICIOUS LINK: https://hmrc-refund-claim.com/form.php
You must claim your refund within 7 days or it will be forfeited.
Yours sincerely,
HMRC Refunds Department
What’s Wrong With This Email?
- Sender address: Uses a non-government domain (hmrc-refund.org)
- Urgency: Creates false time pressure
- Generic greeting: Uses “Dear Taxpayer” instead of your name
- Suspicious link: Points to a non-HMRC website
- Unexpected refund: HMRC doesn’t notify about refunds via email
Example 2: Threatening Scam Email
Subject: URGENT: Legal Action Against You – Case #746382
We have been trying to reach you regarding your outstanding tax balance of £1,850.42.
Your failure to respond to our previous communications has resulted in legal proceedings being initiated against you.
To avoid immediate legal action and potential arrest, you must make payment within 48 hours via the secure link below:
SUSPICIOUS LINK: https://hmrc-payments.com/secure-payment
If we do not receive payment, a warrant for your arrest will be issued.
This is your final notice.
HMRC Legal Department
Genuine HMRC Communication Practices
| Communication Type | Genuine HMRC Method | Scam Indicator |
|---|---|---|
| Tax Refunds | Letter through post or message in your personal tax account | Email or text message offering refund |
| Payment Requests | Official letters with specific reference numbers | Email demanding immediate payment |
| Personal Information | Secure message service through your government gateway account | Email asking for details directly |
| Legal Notices | Formal letters, sometimes delivered by recorded delivery | Threatening emails warning of arrest |
| Contact Methods | Known official phone numbers and government websites | Unverified phone numbers or websites |
How to Report Suspicious HMRC Emails
Do not reply to the email, click any links, or download attachments. Engaging with scammers can confirm your email address is active.
Forward the suspicious email to HMRC’s dedicated phishing team at phishing@hmrc.gov.uk. Include the full email headers if possible.
After forwarding, delete the email from your inbox and trash folder to avoid accidental clicks later.
If you’ve provided personal information or made a payment, report it to Action Fraud (the UK’s national reporting centre for fraud) immediately at actionfraud.police.uk or by calling 0300 123 2040.
What to Do If You’ve Been Scammed
- Contact your bank: If you’ve shared bank details or made a payment, contact your bank immediately
- Change passwords: Update passwords for any accounts that might be compromised
- Monitor accounts: Watch for suspicious activity on your financial accounts
- Credit report: Consider checking your credit report for unusual activity
- Report it: File a report with Action Fraud even if the amount seems small
Recent HMRC Scam Trends (2025)
1. Self-Assessment Phishing
As the January 31st deadline approaches, scammers send emails pretending to be about Self-Assessment tax returns, often with fake penalties or confirmation requests.
2. COVID-19 Grant Scams
Fraudsters target businesses with fake emails about COVID-19 support schemes or grant applications.
3. VAT & CIS Phishing
Construction industry workers and VAT-registered businesses receive emails about VAT refunds or CIS (Construction Industry Scheme) payments.
Protecting Yourself from Future Scams
| Protection Method | How It Helps | Implementation |
|---|---|---|
| Email Filters | Blocks suspicious emails before they reach your inbox | Enable spam filters and mark phishing emails as junk |
| Two-Factor Authentication | Adds extra security layer to your accounts | Enable 2FA on your government gateway and email accounts |
| Regular Updates | Protects against known security vulnerabilities | Keep your operating system and browsers updated |
| Education | Helps recognize new scam techniques | Stay informed about current phishing trends |
| Verify Independently | Confirms legitimacy of communications | Contact HMRC through official channels to verify suspicious messages |
Think You’ve Received a Phishing Email?
When in doubt, don’t click! Forward suspicious emails to phishing@hmrc.gov.uk and then delete them.
Report to HMRC Now
