HMRC Successfully Stops Over 300 Million Phishing Emails

Too often we see the negative side of cyber security articles highlighting the latest attacks and data leaks.  These stories need to be highlighted to the public to ensure that they are aware, and can take the necessary steps if they are affected.  However, there is occasionally good news about organisations being proactive in tackling cyber-crime.  Many of us have received emails claiming to be from HMRC, contacting us about an underpaid tax bill or a rebate that is due.  Ed Tucker is the Head of Cyber Security at HMRC.  His key responsibility is to ensure that 50 million UK taxpayers can communicate securely with them.  The deluge of phishing emails that taxpayers receive makes that quite some challenge.

Mr Tucker has spent three years implementing the email authentication protocol Domain-based Message Authentication, Reporting and Conformance (DMARC) across HMRC with great success.  DMARC is a security process that works by determining which email servers are allowed to send messages on behalf of the organisation.

As a body that collects over £533 billion on behalf of the British government a year, Mr Tucker said that he set off on the challenge with the mind-set that HMRC must communicate with its customers safely.  He said “If the email didn’t come from, it shouldn’t be getting into anyone’s inbox.”

Because of Mr Tucker’s work, the number of spam emails claiming to be from HMRC has reduced by over 300 million this year!

Another benefit is to the businesses, who now don’t have to read and delete phishing emails, wasting time and eating into the UK’s productivity.

My recommendation is to set your junk email options to ‘high’ or ‘safe lists only’.  Right click on each junk email and ‘block sender’.  After a few weeks you should notice your inbox becoming less cluttered.

Leave a Reply