How to protect yourself from email spoofing attacks
Safeguarding Your Finances: How to Protect Against Email Spoofing and Make Secure HMRC Payments
An email spoofing attack is when you receive an email that appears to be from a trusted sender, such as keith.wood@westlancsacc.co.uk, but the fraudster has edited the email headers to mimic that address. The email actually comes from another account, which may closely resemble the spoofed address, e.g. keithwoodwestlancsacc@hotmail.com.
We would recommend that you always inspect the Reply-To address closely on emails advising payments to be made. If the Reply-To address is different from the sender’s email address, it could be a sign of a spoofed email.
Cybercriminals use this technique to redirect responses to their email addresses. In addition, you need to check the sender’s address carefully and look for domain name discrepancies. Spoofers often use email addresses that closely resemble legitimate ones, with slight misspellings or alterations. Look for any unusual characters or domain names that do not match the official domain. Verify that the domain name in the sender’s address matches the organization or entity they claim to represent. For example, official emails from us will always be from @westlancsacc.co.uk and HMRC will have @hmrc.gov.uk as their domain.
Here’s a simple step-by-step guide to help you protect yourself and make secure payments to HMRC:
1. Recognizing Email Spoofing:
Cybercriminals fake sender addresses to appear as trusted sources.
Look for signs of manipulation in email headers:
From Address: Check for any unusual domains or addresses that don’t match the sender.
Reply-To Address: Be cautious if it differs from the sender’s email; it might be a scam.
Sender IP and Domain: Spoofers may manipulate these to deceive you.
Received Headers: Fake headers may be added to make the email seem legitimate.
Message ID: Spoofers might alter this to mimic a genuine email.
Subject and Content: Poor grammar or strange formatting can indicate a fraudulent message.
2. Verify Sender’s Address:
Always check the sender’s email address thoroughly.
Our emails will always come from “@westlancsacc.co.uk.”
Legitimate HMRC emails end with “@hmrc.gov.uk.”
3. Check the REPLY-TO Field:
Be cautious if the reply-to address differs from the sender’s email.
Spammers often use their own email and domain in the reply-to field.
4. Look for Urgency and Threats:
Emails pressuring immediate payment or threatening penalties are red flags.
5. Analyze the Content:
Watch for poor grammar, spelling mistakes, or irregular formatting.
6. Assess Hyperlinks:
Hover your mouse over links to see the actual destination URL.
Verify that the link leads to the genuine HMRC website or official payment portal.
7. Secure Payment Practices:
Always initiate payments through the official HMRC website.
Double-check payment details like amount owed, reference number, and due date.
Prefer secure payment methods like bank transfers or direct debits.
Enable Multi-Factor Authentication (MFA) if available for added security.
Only make payments on secure and trusted networks, avoiding public Wi-Fi.
Keep your devices updated with the latest security software.
8. Beware of Phishing Attempts:
Be cautious of urgent emails claiming to be from HMRC; verify their authenticity.
Look for “https://” in the website’s URL for secure connections.
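The From and Reply-To checks in steps 1 to 3 can also be run automatically over a saved message. The script below is an added example, not something supplied by West Lancs Chartered Accountants or HMRC; the function names, the 0.85 similarity threshold and the sample messages are assumptions made for illustration.

```python
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# The two sender domains this page names as legitimate.
TRUSTED_DOMAINS = {"westlancsacc.co.uk", "hmrc.gov.uk"}

def split_address(header_value):
    """Return (local_part, domain) in lower case, or ('', '') if absent."""
    addr = parseaddr(header_value or "")[1].lower()
    local, _, domain = addr.rpartition("@")
    return (local, domain) if local else ("", "")

def imitates_trusted(local, domain):
    """True if an untrusted address borrows or misspells a trusted name."""
    for trusted in TRUSTED_DOMAINS:
        label = trusted.split(".")[0]  # e.g. 'westlancsacc'
        if label in local or label in domain:
            return True  # trusted name embedded in the address
        if SequenceMatcher(None, domain, trusted).ratio() >= 0.85:
            return True  # near-miss spelling (assumed threshold)
    return False

def check_headers(raw_email):
    """Apply the From and Reply-To checks from steps 1 to 3; return warnings."""
    msg = message_from_string(raw_email)
    from_local, from_domain = split_address(msg.get("From"))
    _, reply_domain = split_address(msg.get("Reply-To"))
    warnings = []
    if from_domain not in TRUSTED_DOMAINS:
        warnings.append(f"From domain {from_domain!r} is not an expected domain")
        if imitates_trusted(from_local, from_domain):
            warnings.append("From address imitates a trusted name")
    if reply_domain and reply_domain != from_domain:
        warnings.append(f"Reply-To domain {reply_domain!r} differs from From")
    return warnings

# Constructed sample messages (not real mail), using the addresses on this page.
GENUINE = "From: Keith Wood <keith.wood@westlancsacc.co.uk>\nSubject: Invoice\n\nHi"
REDIRECTED = ("From: Keith Wood <keith.wood@westlancsacc.co.uk>\n"
              "Reply-To: keithwoodwestlancsacc@hotmail.com\nSubject: Pay now\n\nHi")
LOOKALIKE = "From: Keith Wood <keithwoodwestlancsacc@hotmail.com>\nSubject: Pay\n\nHi"

if __name__ == "__main__":
    for name, raw in [("genuine", GENUINE), ("redirected", REDIRECTED),
                      ("lookalike", LOOKALIKE)]:
        print(name, check_headers(raw))
```

An empty result only means none of these mismatches were found; because the From header itself can be edited, payment requests should still be confirmed through the official channels described in step 7.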
By following these steps, you can protect your finances and sensitive information from cybercriminals.
If you have any questions or concerns, don’t hesitate to reach out to us at West Lancs Chartered Accountants. Together, we can maintain a secure financial environment for your business. Stay safe and secure!