Spotting fake HMRC letters: a guide to authenticating official communications

HMRC has recorded a rise in the number of customers reporting ‘suspicious contact’ from fraudsters. By February 2024, reports had increased to more than 200,000, highlighting the growing and evolving threat of tax scams.

There are a number of indicators you can look out for to help identify potential fraudulent communications from HMRC and we’ve outlined these below.


Identifying the key indicators of fake HMRC letters

  • Urgent payment demands

If it’s the first time you’ve heard from HMRC about an ‘urgent payment’, it’s likely to be a fraudulent letter. HMRC will rarely demand payment within a short time frame. Instead, they will give you details on how to contact them to discuss a genuine late payment and a way forward.

HMRC has a couple of verified bank accounts and a letter that details any alternative accounts is an immediate red flag. Always err on the side of caution when money is requested and contact HMRC using the details on their website to discuss the contents of the letter.


  • Spotting errors: logo, grammar mistakes and addresses

When identifying fraudulent letters claiming to be from HMRC, look for discrepancies in logos, grammar, addresses (both email and postal). Fake letters often contain logos that are poorly reproduced or slightly altered. Additionally, these letters may have grammatical mistakes, unusual phrasing, or spelling errors that would not typically appear in official HMRC correspondence.


Steps to authenticate suspected HMRC letters

  • How to verify addresses and contact information: the importance of cross-referencing with official HMRC sources.

Comparing the address on a letter that you have received, with those on the GOV.UK website, can help you to spot inconsistencies. We recommend that you get into the habit of doing so with every letter you receive.


Common types of scam HMRC letters

  • Fake bank detail updates

Scammers will often send fake letters claiming to be from HMRC, prompting you to redirect payments to new account details that lead directly to their own account. These fraudulent letters typically contain urgent language and may use official-looking logos and headers to appear legitimate.


  • Fraudulent tax owed notifications

Similar to the above, some scammers will send fake notifications claiming that you owe tax to HMRC, using scare tactics to prompt immediate action. These letters can be quite convincing, often mimicking official HMRC correspondence.


How to respond if you receive a suspicious letter

  • Contacting HMRC directly for verification

If you receive a letter from HMRC, even if it’s one not demanding payment, follow the above steps in the first instance.

To protect yourself from these scams, never make payments or provide personal information in response to unsolicited letters. Verify the legitimacy of the communication by directly contacting HMRC using the official contact details listed on the GOV.UK website. If you are in doubt, seek advice before taking any action.


  • Reporting to action fraud to aid in scam prevention

It’s advisable to email the details of the suspicious letter to [email protected] so they are aware of the possible scam.

Remaining vigilant is key and adopting a few new habits could make all the difference.


Building your defence against HMRC scams

  • Educating yourself and your team on scam tactics

Educating yourself and your team on scam tactics is crucial in today’s digital landscape, where fraud is prevalent. By familiarising your employees with common tactics like phishing emails, fake websites, and social engineering, you can significantly enhance their ability to recognise potential threats. Staying informed about emerging threats and conducting regular training sessions with real-life examples of different scam scenarios is essential for maintaining strong defences. Being vigilant and encouraging the prompt reporting of suspicious activities can help prevent security breaches before they cause significant damage. Additionally, utilising resources from government agencies and cybersecurity experts further enhances awareness and protection, ensuring your organisation is well equipped to handle and mitigate risks of fraud.


  • Establishing a protocol for handling official communications

Establishing a protocol for managing official communications involves creating clear guidelines and procedures to ensure efficient and secure handling. This includes designating responsible contacts, verifying the authenticity of incoming communications, maintaining thorough documentation, defining response procedures, implementing security measures, and regularly reviewing and updating the protocol. By doing this, organisations can streamline operations and maintain consistency and compliance in their communication practices.


How we can help you  

If you have any further questions about identifying fraudulent communications or believe you may have received a fake letter, contact us today at [email protected] or give us a call on 01926 422292.

Contact Us

Want to find out more about us or enquire about working together? We’d love to hear from you. Head over to our enquiry page, fill in the form and we will be in touch!

Our Accreditations