Welcome to the first edition of our Financial Crime Awareness Bulletin. This bulletin considers recent developments and trends in the Financial Crime sector and is designed to bring them to your attention. It is intended to draw your attention to key topics affecting the industry, highlight important issues and changes to legislation and re-emphasise the need to remain vigilant to the potential of being exposed to or indeed subject to financial crime. 

Cyber Criminals Hack HMRC to access Tax Returns 

Cyber criminals are reportedly stealing money by hacking into the systems of HM Revenue & Customs to hijack self-assessment records.

The Sunday Times reported in February 2016 that HMRC intercepted approximately 17,000 attempts to make fraudulent or incorrect tax repayment claims, worth nearly £100 million in 2015.

However, HMRC have been unable to fend off all the attacks, with one major accountancy firm conceding that 12 of its own clients had been targeted.

Fraudsters are using “phishing” scams to obtain personal information, such as the details used by taxpayers to access the HMRC systems, primarily deceiving people into handing over the information directly. Criminals can then access the tax system to alter earnings information so that HMRC offers a repayment, with money then transferred into newly created bank accounts.

Please be aware that if you receive an email from HMRC to check the legitimacy of the email before responding or clicking on any links. 

Financial Crime 1

Banking Customers Targeted by SMiShing 

SMiShing means a variant of phishing scams that utilises SMS services to send bogus text messages. The recipient of the message is then duped into downloading a Trojan horse, virus or other malware onto their cellular phone or other mobile device.

The latest SMiShing scam is whereby victims have reported receiving text messages, purporting to be from their banks advising them that new direct debits have been set up. The message asks victims to contact the bank on a number provided if these direct debits have not been authorised.

When the victim contacts what they believe is their bank, they are asked to provide personal details. Fraudsters then take control of the account and send payments. Please make sure you always use a telephone number of your bank from a bank statement/back of your cars or a verified source and definitely not a text message.

Financial Crime 2

Action Fraud warns About Banking Malware

In a recent report run by Action Fraud and the City of London Police, it has been found that Banking Malware accounts for 41 percent of recorded malware infections in the UK.

Banking Malware is a type of software used by cyber criminals to target online bank accounts and allows them to obtain personal and financial details.

A computer or mobile device may become infected if it doesn’t have sufficient anti-virus protection, regular patches or software updates applied.  Once infected, a cyber-criminal can remotely take control of the internal functions of the device. With this they can start to steal personal data and access online bank accounts, encrypting files and distributing malware to other computers.

When a user gets malware on their computer there is normally a financial cost involved. This may involve having accounts hacked, having to buy anti-virus software products to protect the device or paying a ransom to regain valuable data and files. Or for businesses they may experience a loss in revenue from a Denial of Service attack (DoS) on the company’s website.

Computer users will unintentionally download malware by doing the following: 

  • Clicking on an infected file attachment in emails.
  • Clicking on an infected website link.
  • Clicking on an infected link whilst on a social media site.
  • Inserting an infected removable drive into the computer.
  • Downloading an infected file attachment on a text or via a mobile application. 


Most Banking Malware steals information by following four different methods: 

  • Cookie Grabbers: cyber criminals steal information generated by the user whilst they are using the internet. This data may include banking passwords which then allow the criminal to access the user’s online bank account.
  • Virtual Network Computing (VNC): When cyber criminals remotely access the device and infect it with the malware, this commonly happens when a user is using a public Wi-Fi network.
  • Spy Modules: Allow the cyber criminals to observe web browser activities and the criminals are alerted when a user visits a specific website such as a banking website, which then allows them to make an attack.
  • Drive Scanner: Is used by the criminals to search files and folders on the infected device and looks for documents with passwords or other useful information.


In a three month period, the City of London Police were able to detect 280 different malware families, with banking malware accounting for 41 percent of all infections.

The diagram below shows the type of banking malware families which were most commonly used by cyber criminals in a 3 month period. 

Financial Crime graph

How to protect yourself from Banking Malware: 

  • Don’t click on links you receive in unsolicited emails or SMS messages. The links may lead to malicious websites and any attachments could be infected with malware.
  • Only install apps from official app stores, such as Google’s Play Store, or Apple’s App Store. Jailbreaking, rooting, or disabling any of the default security features on your mobile device may leave it more susceptible to malware infections.
  • When logging in to your online banking account, be extremely cautious if you’re asked for details such as the 3 digit (CVV) number on back of your card, the long number on the front of the card, your card’s expiry date, or the 4 digit PIN for your card. If the online banking login page you’re on does ask for those details, then don’t login until you’ve called your bank to verify that you’re logging in to a genuine web page.


Your bank will never ask you to transfer money out of your account and into another – Fraudsters will.

If you receive messages, browser pop-ups or calls asking you to do this, then don’t respond to them – Call your bank immediately. 

What to do if your computer has been infected with malware: 

  • You can disinfect your computer for free by using software from providers such as Microsoft and Symantec. The disinfection tools will identify whether a computer has been infected and, if so, disinfect it. The tool will cause no harm if used on computers that have not been infected.
  • If your computer has been affected you should change all of your passwords on banking, email, social media and other potentially sensitive online accounts.


If you would like to know more about further financial planning services we offer please e mail or call us to discuss. 

London   020 7871 5387           Brighton   01273 457100         Horsham    01403 333666

Query Form