True MSP

Derby residents warned to be on ‘high alert’ after HMRC confirms 200,000 bogus tax scams reported  

Derby and Derbyshire residents have been warned to be on “high alert” after HM Revenue and Customs (HMRC) confirms 200,000 bogus tax scams have been reported.  

As scams become more sophisticated, assisted by a rise in AI technology, Derbyshire based IT service provider True MSP has warned that new opportunities have opened up to cyber criminals who could be looking for ways to access your bank account.   

The warning comes at a peak time of the year, as cyber criminals are increasingly using AI to trick people into believing they are due a tax rebate following the self-assessment deadline at the end of January. 

The people being targeted are led to believe the scam email has been sent by HMRC and, if they open any links, they are inadvertently revealing a host of personal details to the scammers.   

Neil Shaw, director at True MSP said: “HMRC’s reporting system highlights just how important it is for Derbyshire residents and business owners to be on high alert. The rise of AI means criminals can target more people with less effort. 

“It’s becoming a serious problem and could affect hundreds of thousands of people in the county.  

Nationally, more than 11.5 million people submitted a tax return ahead of last month’s deadline, which potentially opens the door to a whole range of opportunities for fraudsters and cyber criminals.” 

Such phishing scams are designed to use personal details for selling on to criminals, or to access people’s bank accounts.   

HMRC responded to 207,800 referrals from the public of suspicious contact in the past year to January – up 14 per cent from the 181,873 reported for the previous 12 months. More than 79,000 of those referrals offered bogus tax rebates.   

Kelly Paterson, HMRC’s Chief Security Officer, said: “With the deadline for tax returns behind us, criminals will now try to trick people with fake offers of tax rebates.  

“Scammers will attempt to dupe people by email, phone or texts that mimic government messages to make them appear authentic.   

“Don’t rush into anything, take your time and check HMRC scams advice on GOV.UK.”  

In the last year to January, HMRC also reported 26,443 malicious web pages to internet service providers to be taken down. This is a 29 per-cent increase from the 20,385 referred by HMRC for removal the previous year. 

Fraudsters copy the design and branding of genuine websites so criminals can trick people into giving away their personal details. This information is then used to access people’s bank accounts or sold on the web.  

Neil said: “Cybercrime is not new, but it is getting much more sophisticated. In 2020 there was a 600 per cent rise in cybercrime due to COVID-19 and the rise of remote work. 

“AI is one of the quickest ways for your business to instantly lose vast amounts of revenue. In some cases, it can completely dismantle a business that isn’t prepared. Keeping one step ahead of the cybercriminals has never been more important.”  

HMRC has stated it will not email, text or phone a customer to tell them that they are due a refund or ask them to request a refund. Customers receive repayments into their chosen bank account, and can see any transactions in their online HMRC account and in the HMRC app. 


TrueMSP offers a range of cyber security services to businesses. To find out more, visit