HMRC received 170,000 scam referrals in the year to July 2025. Phishing scams are getting smarter. They are no longer just clumsy emails, they now mimic official branding, include QR codes, and look convincing.
For small businesses, falling for one can mean stolen funds, lost data, and reputational damage. The National Cyber Security Centre (NCSC) offers guidance to help spot the signs.
Red Flags to watch out for:
- Authority: Claims to be from HMRC, your bank, or IT provider
- Urgency: Threats like “act now or lose access”
- Emotion: Fear, excitement, or curiosity triggers
- Scarcity: Limited-time offers or refunds
- Current events: Scams tied to tax season or major news
If something feels off, don’t click links or open attachments. HMRC and banks won’t ask for passwords or account details via email or text. If in doubt contact them using official numbers.
With a few simple steps you can significantly reduce your risk and make it more difficult for scammers. Protect yourself by
- Limiting personal info shared online
- Using multi-factor authentication
- Keeping devices updated with the latest security patches
Phishing relies on panic. Pause, verify, and stay alert — it could save you time, stress, and money. Discover more tips and information on the NCSC website – https://www.ncsc.gov.uk/collection/phishing-scams/spot-scams.
