Skip to main content

Don’t take the bait, be cyber aware

Posted by: , Posted on: - Categories: General, News and Updates


bank card caught on a fishing hook

A friend of mine recently received a fake HMRC email and I have to say, it looked incredibly realistic.

Scammers are using increasingly sophisticated methods to spoof legitimate HMRC communication with information that appears both genuine and relevant.

However, you should always remember HMRC will never notify you of a tax rebate by email or text. And we will not ask you to disclose personal or payment information by email or text.

If you have the slightest doubt that a HMRC email or text is fake, my advice is:

  • do not open attachments, they could contain a virus
  • do not click on links; they could take you to a fake HMRC site
  • do not disclose personal/confidential information
  • do, forward suspicious HMRC text messages to 60599 (charged at your network rate)
  • do forward suspicious emails to HMRC phishing team at,
  • If in doubt, check our security guidance: Dealing with HMRC Phishing and scams.

Also, if you think you have disclosed personal information in response to a scam HMRC email or text, act quickly. Contact the HMRC security team at, providing brief details of what you disclosed (e.g. name, address, HMRC User ID, password). Do not give your personal details in the email.

At a top level, HMRC and agents are working together to protect their clients. By reporting your suspicions to us, and promoting cyber security messages, you can protect yourself, colleagues and clients from threats.

Thank you

Sharing and comments

Share this page