Fraudsters are trying to manipulate the HMRC web interface to redirect tax rebates.

All they need is a password and some personal details to redirect the rebates.

The HMRC has posted related scam examples, apparently meant to help stop the fraud, but it has some confusing language itself:

HMRC would not inform customers of a tax rebate via email, or invite them to complete an online form to receive a rebate of tax.

Do not visit the website contained within the email or disclose any personal or payment information.

Email addresses used to distribute the tax rebate emails include:

* hmrc@tax-revenue.uk
* refundsdept@hmrc.gov.uk
* tax-credits@hmrc.tax-credits.co.uk
* hmrc@tax-revenue.uk
* refunds@hmrc.gov.uk
* Tax-credits-office@hmrc.co.uk
* taxcredits@hmrc.co.uk
* refunds@hmrc.co.uk
* tax-service@hmrc.customs.gov.uk
* refundtax@hmrc.gov.co.uk
* TaxRefund@hmrc.gov.uk
* service@hmrc.gsi.gov.uk
* notice@hmrc.gov.uk
* hmrc@hmrc.gov.uk
* admin@hmrc.gsi.gov.uk
* info@hmrc.gsi.gov.uk
* services@hmrc.gsi.gov.uk

HMRC does not send out emails using these email addresses.

“Email addresses used to send out email are…the HMRC does not send out email using these addresses.”

Also confusing will be the phrase “Do not visit the website contained within the email…” since the website may actually be the HMRC with a hidden/bogus redirect as the actual reference. In other words “HMRC Website” could have “http://attacker.badsite.co.uk” as the actual and obscured link.

Perhaps they could say instead that you should never click on a link in email. Users should adopt the latest secure browser and only go directly to the HMRC site: http://www.hmrc.gov.uk/

Examples of the fraud can be found here, or by going directly to http://www.hmrc.gov.uk/security/examples.htm ;)