Security challenges

Hear from our experts on the latest threats and & to prevent them

Published on 30th Mar 2022
Egress Blue Yellow 1920X253

HMRC and payroll phishing emails increase by 317% ahead of tax deadline

March 30th 2022

With the end of the UK tax year approaching, Egress researchers have detected a sharp rise in phishing scams impersonating UK tax authority HMRC and payroll software providers. Cybercriminals are taking advantage of the deadline to manipulate their victims into downloading malicious attachments. Egress VP of Threat Intelligence Jack Chapman shares his advice on how to avoid falling for a phishing attack.

Jack Chapman, VP of Threat Intelligence at Egress, explains, "We’ve seen a 317% increase in phishing scams impersonating HMRC and payroll software companies, like Xero, as cybercriminals take advantage of the end of the UK tax year. The hackers are sending out mass emails, using spoofed display names so that the email appears to be from HMRC. Individuals should take extreme caution when reading notification emails that request them to click on a hyperlink or download any attachments, as these can contain dangerous malware. HMRC do not email anyone regarding tax returns, refunds or rebates. You can find further advice regarding HMRC phishing impersonations on their website.”

You might also be interested in ...

Smishing Quishing Vishing Scams 555X300
Security challenges
What are smishing, vishing, and quishing scams?

You've heard of phishing - now learn about the scams that arrive via SMS, voice call, and QR code. 

Invoice Fraud Dollars555x300
Security challenges
Invoice fraud: Everything you need to know

Invoice fraud is an effective cyberattack to which nearly half of all businesses fall victim. We've outlined what to keep in mind and the intelligent email security tools you can deploy to protect yourself. 

Responding To Phishing Attack 555X300
Security challenges
How are IT leaders responding to ransomware?

Learn how IT leaders are responding to the potentially devastating impact of ransomware.