IT Systems and Data Protection

25.06.18

HMRC: Staying one step ahead

Source: PSE June/July 2018

Mike Fell, head of operational and cyber security at HMRC, lists the pioneering ways through which the organisation has been successfully stamping out cybercrime from malicious fraudsters.

Cyber security remains one of the most serious threats to the UK’s wellbeing. That’s why, at HMRC, we’re committed to protecting our customers and their data by staying one step ahead of cyber criminals.

Back in November 2016, the UK Government set up the National Cyber Security Centre. We’ve joined forces with the new body and other government departments like the Department of Work and Pensions, the Home Office, and the Driver and Vehicle Standards Agency to improve our cyber defence and to protect the UK from harm.

HMRC will never advise customers of tax refunds by email or text. Despite this, criminals take advantage by sending scam emails and texts which link to fake government websites to dupe the public into handing over their personal data or banking details.

In the year to April 2017, we identified and requested the removal of 14,631 malicious HMRC-related sites. As well as this, we’ve taken over 300 million phishing emails out of circulation by using cutting-edge technology.

Scammers also set up sites to mislead the public into paying premium rates for services, such as phoning HMRC, that are available for little or no cost. By challenging ownership of the misleading domains being used to advertise such services, HMRC has been able redirect over three million visits from these to the genuine GOV.UK contact HMRC pages. This has saved the public an estimated £2.4m.

As we have applied technical controls, and the public have become savvier around what sort of emails to be suspicious of, traditional email phishing is less credible than ever. Unfortunately, this means the criminals have developed their techniques, moving to abuse SMS text messages to dupe people through ‘SMiShing.’ The volumes of SMiShing attacks grew significantly during 2016 and 2017, and we know people are more than nine times more likely to be duped by HMRC-branded SMS phishing attacks than email attacks.

The cyber security team in HMRC have worked hard with industry on an innovative pilot to protect a range of HMRC-related ‘alpha tags’ – the sender identifier that can display on your phone when you receive a text message. This technique blocks the vast majority of the most credible HMRC-branded text messages, stopping them before they are even delivered to your phone.

Since the pilot began, there has been a 90% reduction in customer reports of SMiShing attempts using the most credible HMRC branding. This has forced criminals to use less relevant alpha tags, which are easier for potential victims to spot.

Just before Christmas last year, there was a particularly nasty scam targeting the elderly and vulnerable groups. Fraudsters cold-called the victims, claiming to be from HMRC, and told them they had an outstanding tax bill to settle before asking them to buy online payment vouchers and read out the codes. Most victims were over 65 and lost £1,150 on average.

HMRC has worked hard to help protect the public from this scam, including working with the voucher provider to put warnings on the cards, working with partners such as UK Finance to increase public awareness of the scam, and writing directly to UK retailers to ask them to train their staff to look out for this.

We take protecting our customers seriously, and part of this means advising them on how they can keep themselves safe. Our top tips include recognising the signs – genuine organisations like banks and HMRC will never contact you out of the blue to ask for your PIN or password; staying safe – don’t give out private information, reply to text messages, or download unexpected attachments or links; and taking action – forward suspicious emails or texts claiming to be from HMRC to phishing@hmrc.gsi.gov.uk or 60599, check GOV.UK for information on how to avoid and report scams, and check out our online guide if you think you’ve received an HMRC-related phishing/bogus email or text.

Comments

There are no comments. Why not be the first?

Add your comment

 

public sector executive tv

more videos >

latest public sector news

Council to spend £4m investigating senior officers who gave themselves 20% wage rise during pay freeze

14/12/2018Council to spend £4m investigating senior officers who gave themselves 20% wage rise during pay freeze

A council has agreed to allocate nearly an extra £250,000 to an investigation looking into alleged pay rises given to senior officers. ... more >
Government commissioner allows Wakefield Council to retain full control of services

14/12/2018Government commissioner allows Wakefield Council to retain full control of services

Almost four months after Ofsted inspectors identified “serious and widespread failures” across Wakefield’s children’s ser... more >
Fife Council scraps controversial P1 assessments despite harsh government opposition

14/12/2018Fife Council scraps controversial P1 assessments despite harsh government opposition

Fife Council has announced that it will be scrapping the controversial standardised P1 assessments at the end of the current academic year. ... more >

editor's comment

25/10/2017Take a moment to celebrate

Devolution, restructuring and widespread service reform: from a journalist’s perspective, it’s never been a more exciting time to report on the public sector. That’s why I could not be more thrilled to be taking over the reins at PSE at this key juncture. There could not be a feature that more perfectly encapsulates this... read more >

last word

The importance of openness after Grenfell

The importance of openness after Grenfell

Following the recent Grenfell Tower tragedy, Lord Porter, chairman of the LGA, argues that if the public are going to have faith in the safety testing process then everything must be out in the o... more > more last word articles >
Council to spend £4m investigating senior officers who gave themselves 20% wage rise during pay freeze

14/12/2018Council to spend £4m investigating senior officers who gave themselves 20% wage rise during pay freeze

A council has agreed to allocate nearly an extra £250,000 to an investigation looking into alleged pay rises given to senior officers. Labour, Plaid Cymru, and Independent members at C... more >
Government commissioner allows Wakefield Council to retain full control of services

14/12/2018Government commissioner allows Wakefield Council to retain full control of services

Almost four months after Ofsted inspectors identified “serious and widespread failures” across Wakefield’s children’s services, it has today been announced that the counci... more >

the raven's daily blog

Blog: 5 minutes with Gary Wallis-Clarke, member of the Northern Powerhouse Education and Skills Group

12/12/2018Blog: 5 minutes with Gary Wallis-Clarke, member of the Northern Powerhouse Education and Skills Group

Ahead of the upcoming networking extravaganza EvoNorth, we caught up with Gary Wallis-Clarke, a member of the Northern Powerhouse Education and Skills group, executive headteacher at West Jesmond Primary school, and its national leader of education. In our interview, Gary reveals what the Northern Powerhouse means to him and explains... more >
read more blog posts from 'the raven' >

comment

The digital buying community is live

12/11/2018The digital buying community is live

Many of the requirements from buyers posted on the Digital Marketplace were either non-compliant or poorly worded, which resulted in challenges f... more >
A force to be reckoned with

12/11/2018A force to be reckoned with

The South Bank plan, which refers to a number of investments and proposed activities across a massive plot of land south of the River Aire, is on... more >
Less for less: the risk of 'core offers'

12/11/2018Less for less: the risk of 'core offers'

As councils across England struggle with their finances in the face of massive cuts from central government, Simon Edwards, director of the Count... more >
A two-speed England

05/11/2018A two-speed England

Central government needs to change its approach to local transport planning and investment, including by consolidating funding and maximising dev... more >

interviews

New Dorset Councils CEO on the creation of a new unitary: ‘This is going to be the right decision for Dorset’

05/11/2018New Dorset Councils CEO on the creation of a new unitary: ‘This is going to be the right decision for Dorset’

The new chief executive of one of the new unitary authorities in Dorset has outlined his approach to culture and work with employees, arguing tha... more >
Keeping the momentum of the Northern Powerhouse

15/10/2018Keeping the momentum of the Northern Powerhouse

On 6 September, the biggest decision-makers of the north joined forces to celebrate and debate how to drive innovation and improvement through th... more >
Cllr Cutts on dealing with children’s services pressures: ‘I can’t magic money out of the air’

26/09/2018Cllr Cutts on dealing with children’s services pressures: ‘I can’t magic money out of the air’

The leader of Nottinghamshire County Council has outlined her priorities for dealing with soaring demand of children’s services and social ... more >
Nottinghamshire considers unitary shake-up proposals in a bid to balance books

05/09/2018Nottinghamshire considers unitary shake-up proposals in a bid to balance books

Nottinghamshire County Council is considering proposals to scrap its current two-tier structure for a new unitary system in order to save on... more >

public sector focus

View all News