Book a FREE meeting quality@glazers.co.uk 020 8458 7427

VAT fraud – Avoid getting caught out by phishing attacks

24 February 2025

VAT fraud – Avoid getting caught out by phishing attacks

Scammers are increasingly targeting VAT-registered businesses with phishing attacks.

Warnings have been issued by a number of organisations, and taxpayers are being encouraged to check requests carefully. 

To help you avoid becoming a victim of these fraudsters, here is what you need to know to avoid getting caught out. 

Phishing and VAT fraud 

Phishing is when cyber criminals send fraudulent emails or text messages containing links to malicious websites. 

These websites often trick users into revealing sensitive information (such as passwords) or encourage taxpayers to transfer money. 

They can also contain malware that sabotages systems and organisations or ransomware, which holds sensitive information or systems ransom in return for a fee. 

For example, scammers are manipulating and submitting form VAT 484 to HM Revenue & Customs (HMRC) to change legitimate bank details to theirs. 

Once a repayment return is processed and verified by HMRC, funds are directed to the fraudsters’ accounts instead of the legitimate ones. 

Many businesses are currently being targeted by these methods as they submit their regular VAT report to HMRC and make payments. 

While they can be hard to identify, there are recurring scams that target both individual finances and businesses. 

The most common ones include: 

  • Texts or calls offering HMRC tax refunds 
  • Email scams about tax rebates 
  • Automated phone call scams that claim HMRC is filing a lawsuit. 

Never disclose personal or financial information about you or your business to people or websites claiming to be HMRC – unless you are 100 per cent sure that you are speaking to the tax authority. 

HMRC will only ever email you about a tax rebate or ask for personal or payment information from an email address that ends in hmrc.gov.uk. 

To find out more about how you can prevent yourself from falling victim to an HMRC scam, please visit the tax authority’s dedicated advice page. 

How to prevent phishing attacks 

It is difficult to mitigate against all phishing attacks. However, there are steps you can take to protect your organisation as much as possible. 

The National Cyber Security Council (NCSC) recommends a four-layer defence system: 

  • Make it difficult for attackers to reach your users. 
  • Help users identify and report suspected phishing messages. 
  • Protect your organisation from the effects of undetected phishing emails. 
  • Respond quickly to incidents. 

You can implement these four layers of defence by: 

  • Using secure, encrypted connections for business transactions and HMRC communications. 
  • Conducting regular phishing awareness training for all employees. 
  • Implementing multi-factor authentication for access to sensitive accounts. 
  • Reporting suspicious emails to HMRC (phishing@hmrc.gov.uk) to help fight phishing scams. 

If you are unsure whether a communication from HMRC is legitimate or not, please seek advice from our team at the earliest opportunity. 

For more information, please get in touch. 

Latest News

Saving your money and the planet – How businesses can handle environmental taxes

In addition to rising operating costs and economic uncertainty, many... Read more

Why is Wealth Tax a hot topic of discussion?

As the Autumn Budget approaches, there is plenty of noise... Read more

Income Tax won’t rise according to Treasury minister – but could a further freeze be on the way?

With speculation increasing and showing no signs of slowing down... Read more

Are you on HMRC’s radar? The rising cost of money laundering compliance breaches

HM Revenue & Customs (HMRC) recently published its latest round... Read more

Earn extra income? HMRC urges you to file your tax return early

If you have made more than £1,000 from a side... Read more

How will Air Passenger Duty increases impact your travel business?

If you work in travel, you will already know things... Read more

Get in touch

This field is for validation purposes and should be left unchanged.
If you would like to see full details of our data practices please visit our Privacy Policy.

Glazers Accountants

843 Finchley Road,
London, NW11 8NA

020 8458 7427
quality@glazers.co.uk

Information

Terms of business Privacy Policy Cookie Policy Sitemap

Join our mailing list

This field is for validation purposes and should be left unchanged.

If you would like to see full details of our
data practices please visit our Privacy Policy.

Glazers Chartered Accountants is a partnership. This information has been produced for general interest. It is therefore essential to take advice on specific issues. We are unable to take responsibility for any outcome resulting from acting upon, or refraining to act upon, this information. In accordance with the disclosure requirements of the Provision of Services Regulations 2009, our professional indemnity insurers are Prosure Solutions Limited, 150 Minories, London, EC3N 1LS. The territorial coverage is worldwide excluding any action for a claim bought in any court in the United States of America or Canada.

© Glazers 2025. Company No. 05962817

Website designed by JE Consulting