Protecting AIIC Members from Phishing Attacks

Phishing attacks are on the rise in the UK and pose a serious threat to independent inventory clerks, landlords, and agents. Criminals impersonate trusted organisations to steal personal data or gain unauthorised access, leading to financial loss and reputational damage.

What Is Phishing?

Phishing is a form of cyber-crime in which attackers masquerade as legitimate entities—often via email, text, or phone—to trick recipients into providing sensitive information (e.g. login credentials, bank details, identity documents) or clicking malicious links.

A Real-Life Example

Here’s a phishing email received by AIIC staff, spoofing HMRC’s VAT service:

Screenshot of a fake HMRC VAT email asking to update business details

Notice the subtle grammar errors, the urgent tone, and the “Update” button that leads to a fake portal.

UK-Specific Statistics

3.4 billion phishing emails are sent globally every day.
Phishing accounted for 79% of fraud cases recorded by the National Crime Agency (NCA).
HMRC saw a 178% increase in phishing reports during 2023, per Proofpoint data.
Over 1 in 4 UK adults report receiving a suspicious message each month, according to the National Cyber Security Centre (NCSC).

How to Protect Yourself

Verify the sender. Hover over links and check where it is pointing to. You can see this usually in the bottom left-hand corner of your mail program. The email addresses should match legitimate domains (e.g. @hmrc.gov.uk).
Be sceptical of urgency. Phishers often claim your “account will be closed” or “you’ll face fines” to rush you into mistakes.
Never click unexpected links or attachments. Instead, go directly to the organisation’s official website.
Use multi-factor authentication (MFA). Add an extra layer of security to all critical accounts.
Keep software up to date. Apply OS and application patches promptly to close security gaps.
Report suspicious messages. Forward phishing emails to report@phishing.gov.uk (HMRC) or report via the NCSC’s Reporting Service.

Stay Safe Out There

Keep your business and personal information safe by following our guidelines and think about signing up for CyberEssentials certification. It’s free and could save you a lot of heartache!

Further UK Resources

National Crime Agency (NCA) – guidance on fraud prevention and reporting
National Cyber Security Centre (NCSC) – advice, alerts, and technical guidance
Email HMRC Phishing Service at report@phishing.gov.uk for VAT and tax-related scams
Information Commissioner’s Office (ICO) – data-protection and privacy guidance

Published on 16/07/2025 | Category: Blog, News | Comments Off

Category - "News"

Phishing Attacks – Are You Safe?