|
answer text |
<p>From April 2018 to November 2018, HMRC has received:</p><p> </p><ol><li><p>reports
of suspicious:</p><p>(i) e-mails – 636,789</p><p>(ii) text messages – 28,639</p><p>(iii)
phone calls asking for personal information or threatening a lawsuit were received
by HMRC – 44,435</p><p> </p><p>HMRC has a dedicated Customer Protection team targeting
scams, which has:</p><p> </p><ul><li>Reduced reported HMRC-branded phishing texts
by 90% due to innovative work with network operators and the National Cyber Security
Centre (NCSC).</li><li>Requested removal of over 14,000 websites during financial
year 2017/2018.</li><li>Blocked half a billion phishing emails through technical controls
since 2016.</li><li>Published guidance on GOV.UK on how to identify scams that has
been visited 1.4 million times during financial year 2017/2018.</li><li>Responded
to nearly 1 million phishing referrals in the same period.</li><li>Recovered over
130 websites infringing the HMRC brand including those which host low value services
such as call connection sites, saving customers in excess of £2.4M in charges to date.</li></ul><p>
</p><p>However, the information required to answer (b), (c) and (d) cannot be provided
as releasing it may prejudice the prevention or detection of crime. The information
could be used by individuals for criminal activity and departmental IT systems could
be exposed or left vulnerable to interference or attack.</p></li></ol><p>Doing so
could give criminals valuable insight into HMRC’s capabilities and processes in this
area and cybersecurity in general, opening up the Department and the wider public
to more informed and effective scams and attacks. While publishing the information
requested could, on the face of it, reassure the public that HMRC is suitably resourced
to handle risks posed by cybercrime, on balance it is not in the public interest.</p><p>
</p>
|
|