HMRC deactivates record number of fake websites

Source: Computer Weekly, 02/07/2018

New figures show that HM Revenue & Customs (HMRC) requested a record
20,750 malicious sites to be taken down in the past 12 months, which
represents an increase of 29% on the previous year.
From forensic cyber to encryption: InfoSec17
Security technologist Bruce Schneier’s insights and warnings around
the regulation of IoT security and forensic cyber psychologist Mary
Aiken’s comments around the tensions between encryption and state
security were the top highlights of the keynote presentations at
Infosecurity Europe 2017 in London.
Despite a record number of malicious sites being removed, HMRC has
warned that millions of taxpayers remain at risk of losing substantial
amounts of money to online fraudsters.
HMRC has brought in cutting-edge technology to tackle cyber crime and
target fraudsters, but says the public needs to be aware and report
phishing attempts to defeat the criminals.
Suspicious emails claiming to be from HMRC can be forwarded to
phishing@hmrc.gsi.gov.uk and texts to 60599. Any suspicious calls can
be reported to Action Fraud through its call centre on 0300 123 2040
or through its online fraud reporting tool.
During the financial year 2017 to 2018, HMRC responded to nearly one
million phishing referrals and reduced spoofed phishing texts by 90%
through the use of new technology.
The tax department said genuine organisations such as banks and HMRC
would never contact people to ask for their personal identification
number (PIN), password or bank details.
People should therefore never give out private information, download
attachments, or click on links in emails and messages they were not
expecting, HMRC warned.
Treasury minister Mel Stride said criminals prey on the public and
abuse their trust in government. “HMRC is cracking down harder than
ever, as these latest figures show. But we need the public’s help as
well. By doing the right thing and reporting suspicious messages you
will not only protect yourself, you will protect other potential
victims,” he said.
“HMRC is cracking down [on malicious websites], but we need the
public’s help as well. By doing the right thing and reporting
suspicious messages you will not only protect yourself, you will
protect other potential victims” Mel Stride, financial secretary to
the Treasury and HM Paymaster General
The most common type of scam is the “tax refund” email and SMS, but
HMRC does not offer tax refunds by text message or by email.
Putting a stop to phishing messages
HMRC has been trialling technology which identifies phishing texts
that claim to be from HMRC, and stops them from being delivered. Since
the pilot began in April 2017, there has been a 90% reduction in
people reporting spoof HMRC-related texts.
This innovative approach won the HMRC cyber security team the Cyber
Resilience Innovation of the Year Award in the recent Digital Leaders
(DL100) Awards.
In November 2016, HMRC was the first government department to
implement fully the domain-based message authentication, reporting and
conformance (Dmarc) protocol. Implementation of Dmarc is mandatory for
public sector bodies as part of the active cyber defence programme
(ACD) led by the UK’s National Cyber Security Centre (NCSC).
Dmarc allows emails to be verified to ensure they come from a genuine
source. The system has successfully stopped half a billion phishing
emails reaching customers.
HMRC has also saved the public more than £2.4m by tackling fraudsters
that trick the public into using premium rate phone numbers for
services that HMRC provides for free. Scammers create websites that
look similar to HMRC’s official site and then direct the public to
call numbers with extortionate costs.
HMRC has successfully challenged the ownership of these websites,
masquerading as official websites, and taken them out of the hands of
cheats.
HMRC is working with the NCSC to further this work and extend the
benefits beyond HMRC customers.