HMRC regularly holds a cyber security forum with key stakeholders. Read on for details of the latest cyber security threats. HMRC is also calling on universities to protect students from tax scams.

“Update from HMRC

• Office 365. Criminals are using Office 365 branding to produce phishing emails which appear to be genuine. The emails prompt the recipient for their usernames and passwords, giving criminals access to the individuals O365 account. This doesn’t just expose the content of the victim’s email account, but all of their corporate files and internal communications on the Office 365 platform.
• Remote desktop access. Many businesses use remote access, which enables staff to connect to their office PC whilst out at client sites. However, the connection to the office PC can also be targeted by criminals, who scan the internet regularly to identify open connections where they can try different username and password combinations to attempt to login. Access to large numbers of these compromised computers are sold on criminal marketplaces, for other criminals to abuse. If remote access to office PCs is necessary, it would be best to speak to your IT provider about using a VPN to connect in remotely and offering remote access over that secure connection.
• The importance of installing updates. Older version of windows – windows 7 and earlier – have a vulnerability in how Remote Desktop session are established, which could enable criminals to gain remote access without the correct username and password. This vulnerability has been named ‘Bluekeep’ and Microsoft have taken the rare step of issuing updates for discontinued versions of Windows. If your business is dependent on old software that is no longer supported, especially if running on old operating systems, it is really important to consider additional security measures to protect that PC from attacks.
• Ransomware. Ransomware is the software used by criminals to encrypt important files on a victim’s computer to deny them access and issue a demand for a ransom to regain access. Many criminals using ransomware continue to deploy it using remote desktop access. This enables the attackers to review the company’s setup, their security and how much they’re likely to be willing to pay before ‘locking’ all of their files.

Multifactor authentication is recommended to reduce the risks of cybercrime. Businesses should ensure that any updates to software should be applied as well as backing up their information securely.”