Action Fraud - the UK’s national reporting centre for fraud and cybercrime - has received reports of phishing emails/texts claiming to be from HMRC .
After either downloading a file attached to the emails or clicking on a link, victims’ devices have been infected with Dridex (a type of banking malware) or Locky ransomware (which locks devices and demands a ransom) from a hacked website.
When victims click on the link in the HMRC spoofed texts they are redirected to a registration page requesting personal details.
The emails and texts appear genuine and the victims who provided their personal details have consequently had direct debits, mobile phone contracts and new bank accounts set up using their personal information.
HMRC have pointed out that they would never contact people using these methods.
Action Fraud advise anyone who believes their details may have been compromised to report the incident to Action Fraud via www.actionfraud.police.uk/report_fraud where they can receive a police crime reference number.