Skip to Content
Tax scam targets Gmail, Hotmail and Outlook users.
© Daniil Peshkov |
Security & privacy

Use Gmail, Hotmail or Outlook? Be on the lookout for a new tax scam

Your inbox is a prime target for scammers, who use email to find victims. Email phishing scams can consist of warnings that one of your accounts has been compromised or even tempt you with promises of a prize. In each case, the scammer is trying to get your personal or financial information, if not both.

A malware variant recently resurfaced despite the belief that it had been eradicated. This malware tricks victims into opening a malicious link with just one word in the email subject line. Tap or click here for our report and learn how to avoid falling victim to this dangerous phishing scam.

A new tax scam is spreading in the U.K. via email. Though it might seem like that’s far away, scams that work abroad usually find their way to the U.S. in some form. Read on to learn how the scam works and how to spot and report it.

Don’t click that link

Scammers are targeting people in the U.K. with promises of tax refunds, according to a report from Her Majesty’s Revenue and Customs (HMRC). From April 2021 to April this year, HMRC responded to nearly 277,000 referrals of suspicious contact from the public.

Action Fraud, the U.K.’s national reporting center for fraud and cybercrime, tweeted a warning about the scam. The organization received more than 400 reports about fake tax refund emails.

The email message states that the recipient has a refund coming to them but they have yet to claim it. The provided link leads to a malicious website where scammers attempt to steal personal and financial information.

You may not be targeted by this exact scam, but there are countless others just like it.

Don’t be their next victim

You can sharpen your scam sensing skills with the following tips:

  • Keep in mind that the government will never email you about a tax refund.
  • Don’t click on links or download attachments you receive in unsolicited emails or text messages. They could be malicious.
  • Watch out for red flags such as spelling and grammar errors.
  • Keep your operating systems, apps and devices updated with the latest official software and patches.
  • Use two-factor authentication (2FA) for better security. Tap or click here for details on 2FA.
  • Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan with TotalAV for only $19 at That’s over 85% off the regular price!

Report the scam

The more people that report a scam, the bigger difference it makes. You can report scams to any of the following organizations:

  • If you receive an unsolicited email claiming to be from the IRS, report it by sending it as an attachment to
  • Forward suspicious emails to the Anti-Phishing Working Group at
  • Report phishing attacks to the FTC at

Keep reading

Work in one of these 10 fields? Scammers are targeting you

Warning: These are the tactics scammers use to fool older people on the phone

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days