Every year, tens of thousands of taxpayers receive e-mails about tax refunds which appear to be from HMRC. Although at first glance they may look like the real deal, don’t fall into this trap: they are actually phishing scams sent from unofficial sources, designed to deceive the taxpayer into giving out sensitive information such as personal details, passwords and credit card numbers.

If you have received what you think is an HMRC phishing e-mail, follow these steps to confirm that it is a phishing e-mail and understand what can be done about it.


Step 1. Do not respond to the e-mail, do not open any links or attachments that may be included in it, and do not enter any personal information or bank details.

Step 2. If the e-mail is telling you that you are due a tax refund, remember that HMRC do not send notifications by e-mail about tax rebates or refunds.

Step 3. Check if the e-mail:

  • Has spelling mistakes or poor grammar
  • Is from an e-mail address which is similar to, but not the same as, legitimate HMRC e-mail addresses (an example is refunds@hmrc.gov.uk)
  • Contains wording which stresses an urgent deadline or tells you to claim within 24 hours
  • Notifies you of a tax rebate/tax refund
  • Offers you a repayment
  • Contains a link that looks like (but is not the same as) the HMRC website, or a link which contains a lot of numbers and letters
  • Begins with a generic greeting such as Dear Customer, or has no greeting at all
  • Has attachments

If one or more of the above apply, then it is likely you have received a phishing e-mail.
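The Step 3 checks above, scripted as an added example (not part of the original article and not an HMRC tool). It assumes genuine HMRC hosts sit under gov.uk, runs on a constructed sample message, and leaves the spelling and grammar check to the reader.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption for this example: genuine HMRC hosts sit under gov.uk.
def is_official(host):
    host = (host or "").lower().rstrip(".")
    return host == "gov.uk" or host.endswith(".gov.uk")

def looks_random(url):
    return any(re.search(r"\d", t) and re.search(r"[a-z]", t)
               for t in re.findall(r"[a-z0-9]{16,}", url.lower()))

def checklist_hits(raw):
    """Return the Step 3 indicators matched by a raw e-mail message."""
    msg = message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("plain", "html"))
    body = part.get_content() if part else ""
    text = f"{msg['Subject'] or ''}\n{body}".lower()
    sender = str(msg["From"] or "")
    hits = []
    if "hmrc" in sender.lower() and not is_official(parseaddr(sender)[1].rpartition("@")[2]):
        hits.append("lookalike sender address")
    if re.search(r"\b(urgent|deadline|within \d+ hours)\b", text):
        hits.append("urgent deadline wording")
    if re.search(r"\b(refund|rebate|repayment)\b", text):
        hits.append("refund, rebate or repayment offer")
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        host = urlparse(url).hostname or ""
        if ("hmrc" in host and not is_official(host)) or looks_random(url):
            hits.append(f"suspicious link: {host}")
    first = next((l.strip().lower() for l in body.splitlines() if l.strip()), "")
    if re.match(r"dear (customer|taxpayer|user)\b", first) or not first.startswith(("dear ", "hello", "hi ")):
        hits.append("generic or missing greeting")
    if list(msg.iter_attachments()):
        hits.append("has attachments")
    return hits

# Constructed sample (not a real e-mail); .example hosts are reserved names.
SAMPLE = """\
From: HMRC Refunds <refunds@hmrc-gov.example>
Subject: Tax refund notification

Dear Customer,
You are due a tax refund. Claim within 24 hours:
http://hmrc-refund.example/claim?id=a8f3k29dk3l4m5n6p7q8
"""

print(checklist_hits(SAMPLE))
```

A non-empty result corresponds to "one or more of the above apply"; an empty result does not prove that a message is genuine.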

Step 4. Still not sure? Have a look at these examples of phishing e-mails that have been received by taxpayers and see if yours is similar:


Source: J&P Accountants


Source: gov.uk

Step 5. Report the e-mail straight away. You can do this by forwarding it to HMRC’s official Phishing team: phishing@hmrc.gsi.gov.uk

Step 6. Once you have forwarded the e-mail, delete it immediately.

Step 7. You will receive an official e-mail from HMRC with the following information:

HMRC Response

Source: J&P Accountants

The e-mail will tell you:

  • That the phishing e-mail has been confirmed as a scam, and was not issued by HMRC
  • To forward a report to HMRC via security.custcon@hmrc.gsi.gov.uk
  • To continue to forward all suspicious HMRC-related e-mails/texts to phishing@hmrc.gsi.gov.uk

In July 2018 HMRC stated that they had removed 20,750 malicious websites within the 12 months leading up to this date. This was an increase of 29% compared to the year before. By keeping alert and reporting any suspicious e-mails you receive, you are helping HMRC to tackle the problem of phishing and preventing these malicious sources from targeting other taxpayers.

You can view further examples of phishing e-mails in this article by HMRC here.

If you need any more information or assistance in paying taxes, VAT, or anything else, please do not hesitate to drop us a line – call us today or send us a message via social media.