We have recently been inundated with emails relating to bogus “Unsuccessful Submissions to HMRC” and fictitious invoices from various sources for us to view.
We also know of one of our clients who received an email purporting to be from Companies House and relating to a complaint that had been submitted. As we deal with the client’s affairs they naturally assumed that we had initiated said complaint and referred the email to us. We were able to warn the client that the email was a scam and that no such complaint existed.
All of these looked pretty official, complete with appropriate logos and format as used in the genuine article but with some tell-tale signs. The invoice ones in particular had characters missing in the text to avoid Anti-Virus software identifying them as suspect.
The common factor in all of these emails was that there was a link giving the option to View the item, (in some cases this took the form of a button), and clicking on the links is exactly what the scammers want!
What happens if the links are clicked is uncertain, (we are not prepared to risk finding out!), but it will definitely not be good. Although it may look as if it has taken you to a legitimate site it is guaranteed not to be so and the consequences will be some form of malicious attack , either on your computer system, or to try and obtain your personal information such as bank details, site login credentials or passwords so DON’T CLICK THE LINKS!
Note too that bogus invoices can also sometimes be sent as attachments which may contain malware or may themselves contain dodgy links.
Hovering your mouse pointer over the link (don’t click!) can often show you that the destination is not that of the organisation that the email purports to come from.
If you identify an email as being of this nasty type delete it straight away but if you do still have lingering doubts that it may be genuine contact the organisation direct, to check it with them, using a phone number which you find independently of any shown in the email as they too could be bogus.
We do not know where the villains are getting our, (and our client's), email address from or how they decide who to target but do be aware that you could be next on their list!
Here are some examples of these types of emails:
Note the destination of the link on this one is not to GOV.UK:
This one was received by a client:
This one claims that we owe money