π£ Avoid & Report Internet Scams and Phishing β Protect GOV.UK, HMRC & Personal Accounts
Phishing scams and fake websites remain one of the biggest cybersecurity threats affecting UK internet users. Criminals increasingly impersonate GOV.UK, HMRC, banks, delivery services, Microsoft, streaming companies, and online marketplaces to steal passwords, banking details, identity documents, and verification codes.
The UK National Cyber Security Centre (NCSC) and GOV.UK encourage users to report suspicious emails, text messages, fake websites, scam phone calls, and phishing attempts as quickly as possible to help remove malicious infrastructure and protect other people online.
Forward suspicious emails to report@phishing.gov.uk, suspicious text messages to 7726, and report fake websites through the NCSC reporting system. Never enter passwords, banking details, or GOV.UK credentials on suspicious websites.
π What Is Phishing?
Phishing is a cybercrime technique where attackers impersonate trusted organisations to trick people into:
- π Revealing passwords
- π³ Sharing banking details
- π² Approving fake login requests
- πͺͺ Exposing identity information
- π₯ Downloading malware
- π§ Giving away verification codes
The NCSC explains that phishing commonly uses scam emails, texts, websites, adverts, or phone calls designed to appear legitimate.
Criminals frequently imitate GOV.UK, HMRC, banks, parcel delivery companies, and Microsoft almost perfectly. Fake websites often look nearly identical to real login pages.
π§ How to Report Suspicious Emails
The UK Suspicious Email Reporting Service (SERS) allows users to report phishing emails directly to the National Cyber Security Centre.
π¨ Official Reporting Address
Forward suspicious emails to:
report@phishing.gov.uk
The NCSC says reported phishing emails are analysed and may lead to malicious websites or scam infrastructure being removed.
The reporting service helps:
- Block malicious domains
- Remove phishing websites
- Investigate cybercriminal infrastructure
- Reduce scam campaigns affecting UK users
As of early 2026, the NCSC reported receiving over 52 million scam reports leading to hundreds of thousands of scam removals.
π± How to Report Scam Text Messages
Most UK mobile networks support free reporting of suspicious texts through shortcode 7726.
π² Forward Scam Texts to:
7726
The NCSC explains that forwarding scam texts helps providers investigate and potentially block malicious senders.
| Threat Type | Typical Goal | Common Example |
|---|---|---|
| Email phishing | Password theft | Fake GOV.UK login page |
| SMS phishing (smishing) | Identity theft | Parcel delivery scam |
| HMRC scams | Refund fraud | Fake tax rebate |
| Fake websites | Credential theft | Clone login portals |
| Tech support scams | Remote access theft | Fake virus warning popups |
π Reporting Fake or Suspicious Websites
If you discover a suspicious website pretending to be a government service, bank, or trusted company, you can report it directly to the NCSC.
The NCSC advises:
- Do not click suspicious links unnecessarily
- Copy URLs carefully instead
- Do not enter personal details
- Report websites even if you are unsure
Reported phishing websites may be investigated and removed through cooperation with hosting providers and law enforcement partners.
Typing GOV.UK or banking addresses manually into your browser is safer than clicking links from unexpected emails or text messages.
π· HMRC Phishing Scams Explained
HMRC remains one of the most heavily impersonated UK government services.
Common HMRC scam themes include:
- π· Fake tax refunds
- β Penalty notices
- π Self Assessment alerts
- π² Verification code requests
- β Threatening automated phone calls
- π§ Government Gateway login scams
HMRC states it will never send messages asking for personal or banking information unexpectedly through texts, WhatsApp messages, or unofficial email addresses.
π¨ Report HMRC Scams
- Suspicious HMRC emails β phishing@hmrc.gov.uk
- Scam HMRC texts β 60599
- Fake HMRC social accounts β branddefence@hmrc.gov.uk
HMRC also warns about fake QR codes used in phishing campaigns.
π² QR Code Phishing Is Increasing
Cybercriminals increasingly use QR codes to bypass email filters and redirect users to fake login pages.
Fake QR codes may appear in:
- HMRC messages
- Delivery notifications
- Banking alerts
- Microsoft sign-in requests
- Parking payment notices
HMRC guidance states QR codes in genuine communications should never unexpectedly request personal or payment information.
QR codes can hide malicious website addresses completely until scanned. Always verify the final URL before signing in anywhere.
π‘ What To Do If You Clicked a Scam Link
- Change affected passwords immediately
- Enable multi-factor authentication (MFA)
- Contact your bank if payment details were shared
- Run antivirus and malware scans
- Review recent account activity
- Report the scam to the NCSC or HMRC
- Monitor identity and tax records carefully
The NCSC says users who entered passwords should immediately change passwords anywhere the same password was reused.
π Why Phishing Scams Still Work
Modern phishing attacks increasingly use:
- AI-generated messages
- Compromised legitimate accounts
- Real company branding
- Personalised targeting
- SMS spoofing
- Credential stuffing from old breaches
Security agencies warn that even experienced users may struggle to distinguish advanced phishing pages from genuine services.
π§ Expert Insight from dir.md
Expert Insight:
One of the biggest misconceptions about phishing is believing obvious spelling mistakes or poor design are still common warning signs.
Modern phishing operations increasingly use professionally designed clone websites that imitate GOV.UK, HMRC, Microsoft, and banking services with remarkable accuracy.
Another major risk involves credential reuse. Attackers frequently combine passwords leaked from unrelated breaches with phishing campaigns to bypass security systems more effectively.
Cybersecurity specialists increasingly recommend:
- Using authenticator apps or passkeys
- Avoiding reused passwords entirely
- Checking website domains character-by-character
- Never approving unexpected MFA requests
- Monitoring tax and banking accounts regularly
- Typing important URLs manually
Unexpected security codes or password reset messages are especially important warning signs because they may indicate somebody already knows your password from another breach.
π Common UK Scam Themes Reported Online
- Fake HMRC tax refunds
- Government Gateway login pages
- Parcel delivery payment scams
- Bank account verification requests
- Microsoft unusual sign-in alerts
- Energy rebate scams
- QR-code phishing attacks
- Threatening automated HMRC calls
The NCSC and HMRC continue warning that phishing campaigns evolve constantly and increasingly target mobile devices and messaging applications.
β Frequently Asked Questions
Where do I report phishing emails in the UK?
Forward suspicious emails to report@phishing.gov.uk using the UK Suspicious Email Reporting Service operated by the NCSC.
How do I report scam text messages?
Forward suspicious text messages to 7726, which works with most UK mobile providers.
What should I do if I entered passwords on a fake website?
Immediately change passwords, enable MFA, scan devices for malware, and review financial or government accounts for suspicious activity.
Does HMRC send tax refund texts?
HMRC warns users not to trust messages offering tax refunds or requesting banking details unexpectedly because many are scams.
Can suspicious websites be removed after reporting?
Yes. The NCSC works with hosting providers and law enforcement partners to investigate and remove malicious websites where possible.
π Learn More
- Official GOV.UK Scam & Phishing Reporting Guide
- NCSC Phishing Protection & Reporting Hub
- Report Scam Emails to the NCSC
- Report Suspicious Websites
- Report HMRC Scam Messages & Calls
Prepared using official GOV.UK guidance, National Cyber Security Centre phishing resources, HMRC anti-fraud documentation, UK scam reporting systems, and government cybersecurity guidance.
