Hackers exploit HMRC Coronavirus Job Retention Scheme with phishing email scam

Hackers exploit HMRC Coronavirus Job Retention Scheme with phishing email scam

In case you’ve not had one yet, readers beware, as cyber criminals are currently exploiting the government’s Coronavirus Job Retention Scheme with a highly realistic scam email, purporting to be from HMRC.

The email, revealed today by the Lanop Accountancy Group, is targeting business owners using official HMRC branding and purports to be from “Jim Harra, first permanent secretary and chief executive of HMRC”.

Around 50 business owners have so far reported receiving the suspicious emails to Lanop after noticing the email was sent via the address This email address is being protected from spambots. You need JavaScript enabled to view it., despite its user title being ‘HM Revenue & Customs’.

The email asks for the bank account details of the recipient and includes the following message with typos:

“Dear customer, We wrote to you last week to help you prepare to make a claim through the Coronavirus Job Retention Scheme. We are now writing to tell you how to access the Covid-19 relief. You will need to tell your us which UK bank account you want the grant to be paid into, in order to ensure funds are paid as quickly as possible to you.”

Recent research f has suggested that Coronavirus-related phishing emails have risen by 667% since the start of March. The scams included fraudulent communication purporting to be from the World Health Organisation (WHO) and the NHS and private health suppliers selling facemasks and other personal protection equipment (PPE).

Aurangzaib Chawla FCCA, managing partner at Lanop Accountancy Group commented, “We're calling upon all businesses to think twice before handing over bank details and making bank transfers in response to email requests during this crisis.

“Cybercrime is rising rapidly and this is the first of what we expect to be many scam emails, designed to trick unsuspecting owners into handing over private company data. We are also offering free advice about how to tackle these scams and reporting any suspicious activity direct to HMRC.” 

Cybersecurity expert Chris Ross, SVP at Barracuda Networks added, “We’re seeing a sharp rise in phishing emails relating to the Covid-19 outbreak and this example underlines how hackers will prey upon vulnerable business owners who are trying to protect jobs. 

“As always with these scams, the victim is encouraged to disclose personal data and financial information under the false assumption that the email is legitimate.

“It is absolutely vital that businesses have the cyber security systems in place to identify and quarantine phishing emails and ensure that every employee is properly trained to spot suspicious communication and think twice before giving out personal information.”