How did scammers know about a road tax renewal?

Which? magazine
Which? is the trading name for the Which? Group, wholly owned by the Consumers’ Association. It operates as a social enterprise, and its charitable purposes and commercial activities are intertwined. Which? isn't just about testing washing machines and vacuum cleaners. They also offer a range of products, services and advice to help you with life's decisions and important moments. More

Posted: 190216

Which? magazine has revealed several DVLA scams over recent months but the latest is one we need to be aware of. The Which? reporter says "when I received my vehicle tax renewal in the post a while back, like most people these days, I opted to pay it online. Everything went through as normal, but just two days later, an email appeared in my inbox that made me look twice". It was headed "Your latest vehicle tax payment failed" with the message reproduced above right which mentioned a risk of a £1,000 fine and offering a convenient link to "Update and verify billings details" - in other words give us your bank account details so we can rob you! The Which? reporter added "even though my email account flagged the message as spam, the professionally worded subject title, along with the presence of the ‘customer number’ made me open things up for a closer look". Fortunately he checked the email address it came from and that "acted as a dead giveaway, but the email arriving so close to my legitimate online renewal does beg the question; had my data been leaked somewhere? How did the scammers know?"

A Which? consumer rights expert mentioned "the DVLA assured us its systems are secure, built to Government standards and checked regularly for any vulnerabilities. It is, however, good practice to regularly clear your browsing data, keep your browser up-to-date, ensure you’ve got a good antivirus software and have good password hygiene. Scammers are becoming increasingly conniving, so trust your spam filters and pause to think if you’re being asked to input payment details after following a hyperlink to another website. It can’t be ruled out that this case in particular could have been a coincidence – it’s not uncommon for scammers to chance their arm with multiple emails at different times. With clever DVLA scams targeting drivers regularly, Which? magazine has written a new guide on how to spot them, so you can stay ahead of the fraudsters".

Basic checks on emails which suggest mischief
> Check the "from" email address looks valid - often it will be seen as wrong but some are clever.
> Check if any linked website is legitimate - take care as some scambugs create clever domain names.
> Check if they ask or seek personal and bank details - if they do delete the email promptly.
> Check for poor spelling, grammar or style - often scambugs' style is a giveaway.