Thanks to the lovely Jo for sending this one in. It’s been hitting a lot of small businesses over the last week.
Notice of Underreported Income – 12 October 2009:
An email from no-reply@hmrc.gov.uk entitled Notice of Underreported Income is currently being circulated. The email links to a fake HMRC website entitled ‘Fraud Application’ and asks that you download and review a tax statement document. The website then opens an executable file on your machine.
The email is not from HMRC. You should be aware that opening executable files (.exe) over the internet can potentially compromise the security on your machine.
HMRC do not issue emails asking for personal details. Do not visit the website contained within the email or disclose any personal or payment information. If you receive an email requesting such information, please forward it to phishing@hmrc.gsi.gov.uk and then delete it.

This is similar to the scam in the US, which uses an IRS-themed phishing email. The malware in US versions is known as Zeus, Zbot, and PRG. I have not received any sample executables from the UK version so I am not certain that the UK version is Zeus, but if it is, be careful. As the two links below explain, the recent versions of Zeus are particularly nasty and are designed to syphon money from your online bank accounts.
http://voices.washingtonpost.com/securityfix/2009/09/irs_scam_e-mail_could_be_costl.html
http://www.theregister.co.uk/2009/09/18/zeus_evades_detection/
Thank heavens Macs don’t run .exe files.
I thought they were just to scare people.
Checking the login websites (URL) of your bank is not such a bad idea either. Not for the exe files, of course.
And every ATM machine, or payment machine in a shop … all can be meddled with …
I fear the oriental mix I’m eating is containing an executable ingredient as well .. gets triggered in bed … (no, not like that .. think stomach) .. Maybe some dry bread in between sucks it in .. ehehe ..
And the floor is downloading the warmth out of my feet …
Such a criminal world we live in ..
Just delete it, don’t even forward it on.
Can you believe I work for HMRC and I knew nothing about any of this?? They’re usually pretty good at alerting us to any form of scams doing the rounds (like the phone one that Coops posted about the other week) but this one, no.
Thank you for bringing this to my attention. I shall definitely be mentioning it to my manager.
LC x
I always pre-screen my mails with a thing called MailMaint, plus I have multi addresses so it’s obvious when there’s a scam, I didn’t think to pass this along. It was a lot better disguised than most, come to think of it. It’s been going for at least a week.
Basically if something looks important, it’s probably fake. Check the details of each address in the mail (using something other than an email program and definitely something other than a leading commercial email program – some of these think it’s clever to run an EXE just because they can!!). Then junk it anyway. If you owe someone money, they know where you live.
Ironically, people virally passing around scam warnings can actually be the scam itself. A great site to check the legitimacy of suspected scams is:
http://www.snopes.com/
Or if you want to see a bunch of Nigerian 419 scammers who have become their own victims:
http://www.419eater.com/
HMRC and scams? Don’t they operate one of the biggest ones in history? Income Tax.
From the pirates’ own website, “Income Tax was announced in 1798, and introduced in 1799, as a means of paying for the war against the French forces under Napoleon”.
Despite being introduced as a temporary measure which was supposed to be in force for only six equal instalments, taking around 10% of income, it has been used to fund wars ever since. Lovely.