HMRC Phishing Email and Web site
Threat Type: Phishing Alert
Websense® Security Labs™ ThreatSeeker™ Network has discovered a phishing site emulating the Web site belonging to HM Revenue & Customs (HMRC), the UK government's taxation authority. The fake site is hosted in Denmark and uses the same stylesheet and graphics as the real HMRC Web site.
Recipients first receive an email advising them that they are due a tax refund. This email contains a link to the phishing Web site. The phishing site aims to collect personal information such as name, address, and credit card information. Upon submitting the data, the user is redirected to the real HMRC site.
The sending of the email is very timely with certain HMRC deadlines for online applications of tax returns imminent (31st January 2009).
Websense has advised HMRC of this threat.
Screen shot of the phishing email:
Screen shot of the phishing Web site:
Websense Messaging and Websense Web Security customers are protected against these threats.