British businesses are the target of a new phishing scam in which criminals impersonate an employee of Her Majesty's Revenue and Customs.
Victims are sent a fake email purporting to be from “Jim Harra, First Permanent Secretary and Chief Executive of HMRC,” and inviting them to make a financial claim under the genuine UK government's Coronavirus Job Retention Scheme.
The recently introduced scheme allows UK businesses to claim for 80% of their employees' wages plus any employer National Insurance and pension contributions, if their staff have been furloughed as a result of the COVID-19 outbreak.
In the fake email, the victim is asked to provide their bank account details in order to receive a Coronavirus Job Retention Scheme payment.
The email reads: “Dear customer, We wrote to you last week to help you prepare to make a claim through the Coronavirus Job Retention Scheme. We are now writing to tell you how to access the Covid-19 relief. You will need to tell your [sic] us which UK bank account you want the grant to be paid into, in order to ensure funds are paid as quickly as possible to you.”
The sender of the malicious email appears to be HM Revenue & Customs; however, the email address from which the attack originated is no-reply@ncryptedprojects.com.
News of the phishing attack reached Infosecurity Magazine via London-based financial services firm Lanop Accountancy Group. At time of writing, Lanop had received warnings about the suspicious email from 50 different business owners.
“We're calling upon all businesses to think twice before handing over bank details and making bank transfers in response to email requests during this crisis," said Aurangzaib Chawla, managing partner at Lanop.
"Cyber-crime is rising rapidly, and this is the first of what we expect to be many scam emails, designed to trick unsuspecting owners into handing over private company data."
Lanop expressed a desire to help companies navigate through the thickening mud of COVID-19 scams.
"We are offering free advice about how to tackle these scams and reporting any suspicious activity direct to HMRC,” said Chawla.
Recent research from cybersecurity company Barracuda Networks has suggested that coronavirus-related phishing emails have risen by 667 percent since the start of March.