Nasty HMRC Phishing Spam

I received some very nasty spam allegedly from HMRC titled “Reminder: Please Resubmit Your Refund Payment” today, as you can see below:

Rather than open the attachment, I saved it to my PC and had a read through the source code, as it’s a web page. The HTML revealed nothing much and references various URLs, until you get further down and spot that if you actually submit the form, it will be sent to this address:

The page then goes on to grab various image files (security-related mostly, e.g. credit card logos) from sites including, and I’m sure they’ll all be delighted to know their bandwidth is being used to power phishing spam…

Don’t get caught out by this phishing scam – I’m sure most of you wouldn’t, but just in case you’re tempted by a refund from the taxman, resist!

2 thoughts on “Nasty HMRC Phishing Spam

Leave a Reply