Whilst April Fool’s Day was yesterday, it is never too late to fall victim to tricks!
The start of the new tax year on 6 April is fast approaching. Now more than ever businesses may find themselves targeted by criminals posing as HM Revenue & Customs (HMRC) through phishing attempts and tax avoidance scams.
At this time of year, it is best to be cautious about the communications you receive.
Pay close attention to the latest HMRC guidance on common scams played on businesses around the changes to the tax year.
What scams are out there?
Whilst new scams are emerging all the time, many recurring scams target individuals and businesses year on year. Some of these include:
- HMRC tax refund scams related to COVID-19
- Tax rebate email scams
- Automated phone call scams claiming HMRC is filing a lawsuit or offering a tax refund
- Social media and refund companies impersonating HMRC
- Scams on parcels and customs duty.
These scams all aim to get vital personal or financial information about you or your business. It is best not to disclose any information to the people you are talking to unless you are 100 per cent sure that you are talking directly to HMRC.
If you believe that you have received any of the above, you should report them directly to HMRC here.
How do you avoid scams?
Education is the best way to avoid getting scammed.
You should run regular training sessions for yourself and your team that cover the latest scam techniques and examples of how they can manifest.
Training should also include the communication practices of HMRC. The guidance includes the information that HMRC will never ask for, such as:
- Personal or financial information over email or text
- Payment in gifts or payment vouchers
These will help employees recognise any attempts at fraud.
How do you improve security?
It is vital that all communications with HMRC or any other financial institution are only conducted through secure and verified sources.
You should verify the authenticity of any requests for information or payments before any sensitive information is shared.
It is also vital to implement robust security measures such as encrypted connections and secure networks or business transactions. You should also create multi-factor authentication for sensitive accounts and regularly update passwords to be strong and unique.
As part of increasing your security, you should also limit the amount of personal, business, and financial information that is shared online. Employees should be trained in data privacy and the best practices to prevent the accidental dissemination of sensitive data.
You can also establish internal controls to verify payment requests, especially those that are unusual or deviate from standard procedures.
Recording and reporting scams
To prevent scams, you should take an active stance on monitoring and reporting any suspicious activities to HMRC.
This will also allow your business to stay up to date with the latest scam trends and help other businesses to do the same.
You can also keep on top of scam prevention by contacting your company’s accountant. They can provide insights into the best practices for scam prevention and ensure your business has adequate insurance coverage against fraud and cybercrime.
Get in touch today to find out how we can help you avoid scammers.