Marked rise in fake tax office emails plus Halloween and Christmas spam, says Symantec
There has been a surge in the number of phishing emails masquerading as coming from Her Majesty’s Revenue and Customs (HMRC) this month according to Symantec.
In its monthly Messagelabs Intelligence Report for October, the security company said these emails accounted for 81 per cent of all phishing emails in the UK on 13 October.
This coincides with genuine reminders from HMRC about the 31 October deadline for handing in self-assessment paper forms for the 2008-2009 tax year.
The links in these emails take the victim to a website that cleverly mimics the HMRC site but the suffix of the web address is a give away; often being hmrc.co.uk rather than the official .gov suffix.
The Symantec report also showed an increase in Halloween-themed spam throughout October, peaking at 500 million emails globally, circulating on a daily basis as we come to the end of the month.
It said the majority of Halloween-themed emails have originated from one of the largest botnets called Rustock and also the Donbot and appear to be pushing pharmaceutical or software products.
The company warned that Christmas-related spam has started to appear early this year, mostly originating from the Cutwail botnet. These are trying to ‘sell’ replica watches, according to Symantec.
Paul Wood, Messagelabs intelligence senior analyst said: "As is typical with spammers this time of year, we are seeing them try to capitalise on the holiday season.”
However he said the good news is that the number of phishing attacks in general is falling. He believes this is partly due to the reduction in phishing toolkits available for use.
However, he warned that phishing runs in languages other than English, such as French and Italian, do appear to be increasing.
“When it comes to phishing runs,” he said, “we have seen a significant shift in the bad guys’ approach.
