Unlike enterprises with programs to manage human risk (take a look at https://outhink.io ), the self-employed are relatively easy prey…:
Fraudsters are continuing to exploit self-employed people with advancements in already-established COVID-related HMRC phishing scams.
Uncovered by Griffin Law, the latest variation of this attack is now targeting the passport details of self-employed people, along with other information including personal and bank details.
According to Griffin Law, the scam begins with a text message purporting to be from HMRC informing the recipient they are due a tax refund which can be applied for online via an official looking site that uses HMRC branding and is entitled “Coronavirus (COVID-19) guidance and support.”
The bogus site then asks for several pieces of the user’s sensitive information before also requesting their passport number as ‘verification’ – a new aspect of the scam previously discovered by Griffin Law.