HMRC and payroll phishing emails increase by 317% ahead of tax deadline

Egress | 30th Mar 2022

With the end of the UK tax year approaching, Egress researchers have detected a sharp rise in phishing scams impersonating UK tax authority HMRC and payroll software providers. Cybercriminals are taking advantage of the deadline to manipulate their victims into downloading malicious attachments. Egress VP of Threat Intelligence Jack Chapman shares his advice on how to avoid falling for a phishing attack.

Jack Chapman, VP of Threat Intelligence at Egress, explains, "We’ve seen a 317% increase in phishing scams impersonating HMRC and payroll software companies, like Xero, as cybercriminals take advantage of the end of the UK tax year. The hackers are sending out mass emails, using spoofed display names so that the email appears to be from HMRC. Individuals should take extreme caution when reading notification emails that request them to click on a hyperlink or download any attachments, as these can contain dangerous malware. HMRC do not email anyone regarding tax returns, refunds or rebates. You can find further advice regarding HMRC phishing impersonations on their website.”