The email seeks to target members of the public who are eligible for the extended business support grants.
The email purports to be from ‘HMRC Government Gateway’, email address ‘UK Government’ firstname.lastname@example.org.
NAFN Data and Intelligence Services have confirmed that details of previous grant recipients have not been made public. However the phishing email successfully reached a business owner who followed the ‘Claim now’ link to complete the application form, providing the fraudsters with all the information required to make a successful application in their name.
An example of the phishing email is below:
With the introduction of further grant schemes, fraudsters may seek to acquire public funds intended to support businesses and people experiencing hardship due to Test and Trace, Tier restrictions and lockdown.
Please alert staff within your organisations and ensure applicant bank accounts are verified and validated.
Please ensure phishing emails are reported to email@example.com. If you would like to report any instances of the above information being used in similar fraud attempts, please email them to firstname.lastname@example.org and the details will be forwarded to the relevant teams.