There was a rather interesting article in yesterday's Sunday Times, about hackers gaining access to HMRC systems and diverting tax refunds.
The article also refers to an earlier piece on this site (published in June 2011) about 91client accounts being hacked. The Sunday Times uses the "polite" alternative domain name of this site www.hmrconline.com.
Here is the article in full:
Tax rebates stolen by Revenue and Customs hackers
HMRC has emerged as the most recent target of hackers after fraudsters tap refunds system and divert funds into their own accounts
Fraudsters have found a way to hack into government tax records and divert refunds meant for others into their own bank accounts.
An investigation by The Sunday Times has revealed that criminals are secretly examining HM Revenue & Customs’ records looking for anyone who has paid too much tax. They then change the details of the bank accounts into which the repayments are to be made.
Alternatively, the hackers file fictitious tax returns showing large overpayments directly into the HMRC computer in the names of genuine taxpayers, then ask for refunds.
Victims become aware of the scam only when they are officially contacted by HMRC and told an overpayment is being transferred into their account.
HMRC is now facing questions over its security procedures and how the hackers are able to infiltrate its records. Experts claim it has failed to react as promptly as the banks to the risk of online fraud.
Roger Symes, 53, a ship broker from Surbiton, in south-west London, received a letter last month from HMRC advising him of a refund. He said: “They gave details of a bank account into which they were paying the money, but it wasn’t my bank account.
“My accountant said he had the same problem with 18 other clients.” The refunds applied for were between £100 and £4,000.
The hackers are accessing the tax files using the sign-on and passcodes assigned to accountants who file clients’ tax returns online. How they are obtaining these security details is unclear. It is not known whether it is via computer attacks on individual accountancy firms or by breaching HMRC’s own systems.
One hacker who spoke to The Sunday Times this year said he had accessed HMRC’s systems and had been able to obtain details of agent sign-ons and passcodes. A security expert said the claim was credible but HMRC denied its systems had been compromised.
Once a hacker has an agent sign-in, he can read the tax records of all the accountant’s clients, amend them and change the bank account details. Accountants who have spoken to this newspaper said hackers have been accessing taxpayer records for at least two years.
Claire Savage, a chartered accountant in Milton Keynes, Buckinghamshire, spotted irregularities in one of her clients’ files in June last year.
She said: “I called him up to ask about his new bank account, which turned out not to be his at all. When I realised that security had been breached I went through all of my clients’ files. A fair chunk of them — around 10 — were affected, and repayments of up to £3,000 had been requested in each case.” None of Savage’s clients lost money to the fraudsters.
Ralph Hayden, a chartered accountant at GW Cox & Co in Frinton-on-Sea, Essex, said 41 of his clients had been affected by a similar scam, which was first noticed in November 2009.
He said: “HMRC said that it must be our systems that had been breached but we called in computer experts who confirmed that it definitely wasn’t.
“In most cases, a tax return had not yet been filed, so a false return was submitted. In others, their returns had been edited, so that a repayment was now due. HMRC were not advising their frontline staff in case it was an inside job.”
On hmrconline.com, a blog about the HMRC, one taxpayer reveals that his accountant was also targeted. The posting states: “We recently returned from holiday to the news that 91 of our accountant’s client accounts had been hacked at the HMRC government gateway website.
“Hackers had accessed information on 91 individuals or organisations and had entered false end-of-year accounts in order to claim self-assessment refunds.
“We then received a letter from HMRC to advise us that the refunds were on their way to what we knew were false accounts. They actually paid out. HMRC now apparently know what they have done but to add insult to injury they have now started to send demands for repayment to the people [whose] accounts had been hacked.”
Unlike HMRC, the big banks ask customers conducting transactions online to provide additional passcodes for each financial transaction. These are generated by inserting a bank card into a hand-held reader provided by the bank.
Jason Hart, managing director of Cryptocard, a computer security company, said: “If you just had a static passcode, then once it’s compromised, you’re going to be a massive target for the fraudsters. It’s an invisible threat because they can get into your system at any time and you don’t even realise.”
A spokesman for HMRC said: “We take the security of our customers’ data extremely seriously and we do not discuss the details of our security defences ... We actively monitor repayment transactions and continue to address any fraudulent repayments.”
Tax does have to be taxing.
UK EXPATS: Reduce tax on UK Pensions
HMRC QROPS provider. Unlock your UK pension and access a 25% lump sum today.
Quote ID code "ABC" when contacting a QROPS specialist.
Professional Cover Against the Threat of Costly TAX and VAT Investigations
What is TAXWISE?
TAXWISE is a tax-fee protection service that will pay up to £75,000 towards your accountant's fees in the event of an HM Revenue & Customs full enquiry or dispute.
To find out more, please use this link Taxwise
Tax Investigation for Dummies, by Nick Morgan, provides a good and easy to read guide for anyone caught up in an HMRC tax investigation. A must read for any Self Assessment taxpayer.
Click the link to read about: Tax Investigation for Dummies
HMRC Is Shite (www.hmrcisshite.com), also available via the domain www.hmrconline.com, is brought to you by www.kenfrost.com "The Living Brand"