Thursday 21 May 2009

Silly Billies!

What The Fuck!
Having warned us all of the dangers of responding to unsolicited emails, claiming to be from HMRC (in reality coming from scammers), HMRC are now getting in on the act and are sending unsolicited texts and voicemail messages.

Never respond to an unsolicited text, voicemail or email (whether it seems to be from HMRC or not).

HMRC just don't seem to be able to get their heads around data security/scamming risks.

Source Director of Finance:

"PKF Accountants & business advisers is warning individuals not to respond to HM Revenue & Custom’s (HMRC) latest attempts to contact taxpayers by text or automated voice messages to save money.

Just two weeks after issuing warnings about the latest identity theft scams perpetrated by fraudsters claiming to be HMRC, the Revenue announced on Monday that it is to try contacting taxpayers by automated voicemail messages and text message.

Matt Coward, Director of Personal Tax at PKF, says: “We are urging individuals and businesses not to respond to any of these sort of messages as it is just not safe”.

On its website, HMRC has warned taxpayers to only respond to a text or automated message that quotes specific telephone numbers – 0191 225 5348 for tax or 0845 300 3900 for tax credits issues.

Coward commented, “How is anyone receiving a text or call purporting to be from HMRC to know whether or not it really is from the tax authorities?

Perhaps the only giveaway that it is a genuine number, is that the tax helpline always seems to be engaged – a fraudster would at least want to answer your call!

But, ultimately, does HMRC really expect every recipient to spend time digging around on the Revenue website to check out that the response number is genuine?”

Coward continued, “I know that HMRC is duty bound to try to save money and to look at all communication technologies, but this is clearly a waste of time. I suspect that most people will simply put down the phone as soon as they realise that the call is automated. With text messages, few will expect to receive one from HMRC so, one hopes, they would treat it with the utmost suspicion.

“If HMRC wants to try out these technologies they should do it via an “opt in” system and the messages should carry some form of personalised accreditation so that taxpayers who have registered, know they are genuine. But in my opinion, HMRC should simply use the funds spent on such exercises to clear its huge backlog of ordinary post from those taxpayers who have taken the trouble to contact them by letter
."

Tax does have to be taxing.

HMRC Is Shite (www.hmrcisshite.com), also available via the domain www.hmrconline.com, is brought to you by www.kenfrost.com "The Living Brand"

18 comments:

  1. "Dickheads!" - Is it really considered acceptable for an ICAEW-accredited professional to refer to other professionals (or anyone else for that matter) in such a manner, particularly in a public forum?

    Look, I know you will criticise absolutely everything HMRC does because that's what you do, but I really don't see the problem with these texts. (I'm not familiar with the content of automated voice messages, so I'm not going to comment on them.) The texts are to remind people to renew their tax credits claims. They include a number to call plus an HMRC web page that people can use to verify the number.

    The advice about not responding to unsolicited messages is fine, but these are just reminders. The individuals concerned are existing claimants and they will already have been sent information on renewal through the mail. For this reason, they don't even have to "spend time digging around on the Revenue website to check out that the response number is genuine", because they can just look at the bit of paper they already have!

    In fact, if they didn't have the text, and assuming they remembered to renew, they'd still have to dig around somewhere (be it the net or elsewhere) to find the contact details, so nothing has really changed on that front.

    To be continued when I've got more time available (surprisingly, given that it seems a fairly inocuous subject, my exasperation with this one rivals that which I experienced in response to some of your avoidance-related posts a while ago)...

    ReplyDelete
  2. Anon:

    Atleast Ken is happy to put his real name against his posts.
    I suspect many people will not notice much difference whether they are contacted by a "Computer robot" or a "Human drone robot."

    So who are these "other" professionals of whom you refer?

    ReplyDelete
  3. Anon:

    Are you Dave Hartnett in disguise ?

    ReplyDelete
  4. How could anyone possibly confuse HMRC, who are after your hard earned dosh to waste on the undeserving, with fraudsters who are after your hard earned dosh to waste on the undeserving?

    ReplyDelete
  5. As I work in DMB here in HMRC, this is old news to me and I agree with the comments on the original post.

    HMRC are getting desparate to cut costs in the name of efficincy' (my arse!) and while they are supposedly preaching data security in the department, the truth is they don't care fuck all about this.

    They certainly don't give a shit about their 'customers' either....

    ReplyDelete
  6. Sorry to head off topic here, but who else in the HMRC got an email today about the possible toxicity of polyopes? Apparently people are having allergic reactions and feeling rather ill from exposure to the plastic envelopes we use for internal mail. God knows what they'll do about it.

    Another day, another cock up - that's life in HMRC.

    ReplyDelete
  7. Mr Casagranda,

    Much as I wish I earned Hartnett's salary I'm not him, no. How's the book going?

    Tonk,

    I must admit that I myself am not entirely comfortable with the fact that I'm obliged to post anonymously on this site and, given some of the strong criticisms I've made of this blog, I'm quite surprised nobody's raised it before. I think it is worth my while trying to answer properly.

    I would first of all like to commend Ken for the fact that he's never objected to me or any other poster criticising his blog anonymously. This, and the fact that he allows anonymous posting at all (*) is very much to his credit. Ken has openly invited HMRC employees to post anonymous comments exposing inside secrets. I therefore think it's perfectly appropriate for HMRC employees to also be able to post alternative points of view. Again, I am grateful to Ken for generally responding positively to this.

    First of all, I am an employee of HMRC and I don't work in the press office, management, nor any other job that involves making public statements about HMRC. Apart from the official secrets act angle (and I am very careful to ensure that any evidence I draw on for my posts is in the public domain!), my contract of employment prohibits me from making unauthorised comments in the press or making public statements that can be construed as political. (Ken claims that HMRC has been “politicised” - something I'd quite like him to explain further at some point! In this respect, at least, it has not yet been!) Some of my comments here sail pretty close to the wind on both counts.

    Aside from covering my own back, because I'm not an official spokesperson for HMRC it would not be appropriate for my comments to be interpreted as an official response from the department. Posting under my own name would present the risk of my comments appear as such.

    So that's why I don't use my name, but why do I bother to comment anonymously? The reason is that I feel it's important to correct some of the half-true, exaggerated, and sometimes plain wrong statements that appear on this and other blogs (and, shockingly, occasionally get picked up by the broadsheets). As I've said before, the civil service constantly gets used as a political football by people trying to make a point. I simply don't buy Ken's claim that he's trying to stick up HMRC employees. It irks me that the constant barrage of largely unjustified criticism from politicians and the media undermines my place of work, occupation, career, and future pay, and those of my colleagues. The government doesn't seem to want to stick up for us and the unions can't or won't do much, so sparring with you lot makes me feel like at least I'm doing something! Furthermore, in the interests of balanced journalism I think it's important that you guys get to hear an alternative interpretation! Hope you appreciate it! :)

    Finally, why does it actually matter whether I post anonymously or under my own name? I always try to back up my statements with reasoned arguments and, where possible and appropriate, evidence. If you disagree with what I'm saying, attack my arguments, discredit my evidence, and/or provide counter-evidence. At the time I write this, there have been four responses to my first comment (plus the polylope one). With the exception of the line about anonymity, I consider the first three to have been facetious (and yes, I accept that my line about the original title of Ken's post being “Dickheads!” was itself partly facetious, but I don't think the point was invalid), and they made no attempt to contradict my argument. I think that speaks volumes.

    Finally, if it's good enough for George Eliot and The Stig...

    Kind regards,

    X

    (* - Nick Morgan, for example, doesn't allow anonymous comments on what is a very one-sided blog, thereby denying insiders the chance to point out issues that clearly jump out to anyone with professional experience of income tax enquiries without needing to know anything about his individual case ... but I digress)

    ReplyDelete
  8. Right. As promised, now for the rest of the reasons I disagree with the original post.

    1) These are not unsolicited texts/calls! Unsolicited correspondence is where an organisation with which you don't have a relationship gets in touch with you. These individuals have given HMRC their mobile numbers while filling out a form. They therefore have an existing relationship with HMRC and by filling out the mobile number they're giving consent to be contacted. In that respect this already is opt-in! If the mobile number wasn't supposed to be used, why would it be either requested or provided?

    2)Cost cutting. Well yes of course it's about cost cutting, but what's wrong with that in itself? People like you criticise the department for profligacy but then also slate any attempt to save money! HMRC has to cut operating costs: that was a decision made at the highest levels of government and whether or not you agree with it is a question of politics. I'm willing to bet that the idea for this initiative didn't come from a particularly stratospherically high level within HMRC, let alone government. Someone in the department has had this idea with the intention of saving some of the taxpayers' money in the long run. It may replace another, more expensive process or, by prompting more people to update their tax credit records, it may save money longer-term by reducing levels of over-payments. To criticise an initiative purely because it was intended to save money is absolutely ridiculous! Sure, if something is changed with the intention of saving money and it turns out that it lowers the quality or level of service, then you have a problem, but on the facts available I don't see that this leads to a diminution in service levels. Maybe this particular pilot won't be successful, but the whole point of running a pilot is, after all, to see whether something works!

    3) I really don't agree that this presents a significant increase in the risk of phishing/ID fraud. As I've said above, the people involved are already engaged with the system. They already have tax credit claims and they will have received a renewal pack. Meanwhile, a scammer could at any time have sent a proper unsolicited text to anyone, claiming to be HMRC, whether or not HMRC had done this. The department sending real reminders to existing users of a regime (a clumsy way of putting it, but I guess I'm not allowed to say “customers of a product” here!), which include information on validating their authenticity, doesn't increase the likelihood of individuals falling for scams. Lots of banks send out thousands of emails to customers alerting them that their online statements are available. These give a web page along with a warning about scams and information on how to verify the authenticity of the genuine emails. Banks have learned about online security the hard way over the last 10+ years and they've come to the conclusion that doing it like this works!

    4) “few will expect to receive [a text] from HMRC”. Well of course people won't be used to receiving text messages from HMRC. That's because they've never sent them out before! Again, the whole point of running a pilot is to try out something new and see how it gets on. In 2005 nobody was used to getting a letter from HMRC because the department didn't exist until then! Every channel of communication has to start somewhere. Just because it's new doesn't necessarily mean it's a threat.

    ...

    ReplyDelete
  9. ...

    To me, this post, along with the article quoted, is yet another example of a knee-jerk, half-baked and largely unfounded criticism that is made just for the sake of criticising HMRC. As I've said, it is inevitable that people who have beef with the department will be critical of absolutely anything new that's tried out.

    This particular blog entry is a good example of what makes me very skeptical about your claim to be on the side of HMRC employees, Ken. Who do you think came up with this initiative? I'd be willing to bet that it wasn't someone in “management”(*). To me, it has all the hallmarks of something that came out of one of the programmes for encouraging more junior staff members to put forward business change ideas. Nevertheless, you've put forward a venomous (particularly before you changed the article's title!) yet largely spurious set of arguments against it, which clearly haven't been thought through as much as the pilot scheme itself (e.g. “How is anyone receiving a text or call purporting to be from HMRC to know whether or not it really is from the tax authorities?” - see what I've written above about the fact that these people will already have received a letter!). In order to pursue your agenda of attacking HMRC at the merest hint of an opportunity, you are once again unjustly slamming the work of the hard-working staff you claim to speak for.

    X

    (* - I'm never precisely sure what you mean by management. There's presumably an arbitrary line somewhere between the baddies in “management” and the staff. Where does this lie, particularly given that there are people in almost every grade within the department with responsibility for managing other staff?)

    ReplyDelete
  10. Anom, I have forwarded a link to your comments to PKF and invited them to comment.

    ReplyDelete
  11. Anon:
    Thank you for your polite reply to my post, the contents have been noted.

    I feel ALL public bodies, to some degree, have been politicised. I am a retired former employee of both the HMP and NHS, having specialised in forensic psychiatry. Whilst employed in the former, I too was subject to the Official Secrets Act.
    Many public bodies only appear to recruit via the Guardian, that in itself politcises the recruitment process.
    Public bodies spend a fortune in areas such as diversity and difference thus exposing people to the politics of the PC left.
    Public bodies constantly portray Labour as the government most likely to fully fund every hair brained scheme thought up by the politicised senior management.
    More and more public bodies are seeing more and more women of a certain type in positions of senior management, especially within the NHS trusts, often, but not always, these women appear to be selected on the basis of their gender and willingness to implement "social engineering" policies rather than ability. I don't know if this applies to HMRC, I can only speak about my former two employers.
    The police in general appear to have become the military wing of the Labour Party and, to a certain extent, a branch of HMRC as they appear to focus on collecting revenue in the form of fines via the criminal justice system.

    Regarding the use of texts etc; On the HMRC forms that request mobile numbers and Email, does it actually state that they may be used to send automated texts? I don't remember seeing it stated on any form I have completed recently. I personally would not give a mobile number because if I had to speak to those jolly nice people at HMRC, I would want to do it at home where I have the relavent paperwork to hand.

    There are many shortcomings in the public sector in general and huge sums will need to be saved to see us through. The Labour government always appear to measure success by how much money they have thrown at a thing rather than how that money is spent.
    I suspect a fortune could be saved in cutting out unnecessary courses covering political/PC things. Most of these add no value to the "service" provided by the public body.

    Ken's use of the term "Dickheads" is merely the way he writes and I suspect to grab attention; to that end, he appears to have succeeded!!

    ReplyDelete
  12. Dear Anonymous,
    I admire you for trying to stick up for the abomination that is HMRC, but, you have a vested interest in doing so.
    You work for them. They pay your wages.

    HMRC is a truly awful example of all that is wrong with centralisation, politicisation and muddled thinking.

    I don't know how it can be put right. It's like Cambodia after Pol Pot had run amuk. Anyone and everyone who actually knows what they are doing has either been got rid of or is keeping their heads down waiting for a chance to escape.

    Put bluntly, it's buggered.

    ReplyDelete
  13. This action is the latest in a long line of HMRC directives that completely go against Home Office Crime Prevention advice. As far back as October 2004 the Tax Credit hierarchy decided to contact clients to inform them that they were going to discontinue payments by Giro. This was to be done by making staff conduct outbound calls where they were to ask clients for their bank details. When this was queried and reference made to CP advice the response was thaat it was OK was HMRC could verify clients details. Correct when the clients phone in but the clients do not have the same facility to check who is calling them, particularly when outbound calls include number withheld. As HMRC have yet to implement all areas of the Health and Safety Legislation despite it having been in force since 1974 (plus amendments) it is hardly surprising that they do not avail themselves of the advice available from other Government Departments who specialise in these areas.

    ReplyDelete
  14. "Anyone and everyone who actually knows what they are doing ......is keeping their heads down waiting for a chance to escape."

    Bang on right!! That's me.....and absolutely everyone I know in the department.

    And on the subject of anonymity - it has been rightly said a number of times on this blog that revealing your name tends to result in investigation followed by dismissal in very swift succession.

    ReplyDelete
  15. Dear Anon at 22 May 2009 02:02:

    We are now only allowed to use "HMRC branded green" polylopes and they are like gold dust in our office - yet try and send a memo in an old fashioned transit envelope - or God forbid, a yellow polylope - and you will be taken outside and shot.

    There was once a surfeit of yellow polylopes and I hear that someone had the temerity to suggest that they should be marked "treat as green". I understand that the walls shook at the mere mention of such heresy.

    ReplyDelete
  16. I have left HMRC, and work for another gubernatorial department. I have not been investigated, nor threatened with dismissal. The yellow polybags used to work wonders years ago. The new department I work for hasn't even noticed my criticisms of HMRC. I will still keep speaking out

    ReplyDelete
  17. Good on ya Tom!!!

    ReplyDelete
  18. Sorry folks. There's been a huge delay here because things have been pretty hectic for me for the last little while. I hope some of you will chance to read it.

    Tonk,

    If you don't mind, much as I would be interested to hear you expand upon “women of a certain type”, I'd like to set aside the politicizing of the department for now, for fear of going too far off topic. I have little doubt it will be raised again on here before too long and we can lock horns then! :)

    Regarding the point about the forms, I do not know whether it is explicitly stated that the mobile numbers and email addresses can be used to send automated messages. Like you, I have not seen any, and I expect they probably don't. However, you don't see it explicitly stated that you will receive automated letters when you give your postal address, either! Plenty of scammers hook people with letters in the post and you're not complaining about the fact that everyone gets letters and forms from HMRC which are printed out automatically. If anything post is probably less secure – it's no more difficult to send a scam email than a scam snail mail, but ensuring you can't be traced with the former requires a lot more sophistication. Meanwhile, I'd be willing to bet that HMRC's lawyers were all over this pilot before it started, and they will have checked that sending these automated messages without explicitly stating on the forms that that will happen.

    Dave,

    Yes, I have a vested interest because I work for them. I would point out that we all have a vested interest because we pay taxes and effectively own HMRC. Also, just because I have a vested interest doesn't prove that I'm wrong. That's like saying that David Cameron is always wrong when he argues that a government policy is bad because he has a vested interest in getting Brown's job! If you can explain why my arguments about the issues that I weight into on this site are wrong, please do. So far I have not been convinced by the arguments that others have put forward to counter mine on this particular issue.

    Torrambeg,

    First of all it is interesting to learn that the Home Office was four years ahead of the curve on this one! I noticed a news item at the end of 2008 about a pressure group that was complaining that when banks call you, for example to check that credit card transactions are genuine, THEY do a security check on YOU!

    Anyway, the advice you refer to is irrelevant in this case, because the texts/voicemails DO NOT ask for bank details! All they do is remind you to act on the letter that you've already received! I really do not see how you try to claim that the scenario you refer to is the same thing.

    ReplyDelete