{"id":23477,"date":"2025-07-25T11:00:48","date_gmt":"2025-07-25T09:00:48","guid":{"rendered":"https:\/\/cyberinsights.iainfraser.net\/?p=23477"},"modified":"2025-07-27T13:14:58","modified_gmt":"2025-07-27T11:14:58","slug":"hmrc-phishing-attacks","status":"publish","type":"post","link":"https:\/\/smecyberinsights.co.uk\/index.php\/2025\/07\/25\/hmrc-phishing-attacks\/","title":{"rendered":"Threat Intel: \u00a347M HMRC Phishing Attack: Critical Cyber Wake-Up Call for UK SMEs"},"content":{"rendered":"\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t<\/a>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t\t
\"Partners1_NordVPN\"<\/figure><\/div>
\"Partners3_R3\"<\/figure><\/div>
\"Partners2_Zoho\"<\/figure><\/div>
\"Partners4_Plesk\"<\/figure><\/div>
\"Partners4_Ensurety\"<\/figure><\/div>
\"Partners7_Passware\"<\/figure><\/div>
\"Red_Button_Slider\"<\/figure><\/div>
\"ogo2\"<\/figure><\/div>\t\t\t<\/div>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\"New\t\t\t\t\t\t\t\t\t\t\t
Image Credit: Image Credit Images of Money-Flickr<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\"nordvpn\"<\/a>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

Helping Keep Small Business CYBERSafe!
\n<\/strong>Gibraltar: Thursday 24 July 2025 at 11:00 CET<\/p>\n

\u00a347M HMRC Phishing Attack: Critical Cyber Wake-Up Call for UK SMEs and Tax Compliance Systems
\n<\/strong>By: Iain Fraser<\/a> – Cybersecurity Journalist<\/a>
\nPublished in Collaboration with: Nord VPN<\/a>
\nSMECyberInsights.co.uk<\/a> –\u00a0<\/a>First for SME Cybersecurity
\n<\/a>Google Indexed on 250725 at 12:05 CET<\/a>
\n#SMECyberInsights\u00a0 #SMECyberAwareness\u00a0 #CyberSafe #SME #SmallBusiness <\/em>#Phishing #HMRC<\/em><\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t

\n\t\t\t\t\t
\n\t\t
\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

Executive Summary<\/strong><\/p>\n

The recent revelation that His Majesty’s Revenue & Customs (HMRC)<\/a> customers fell victim to a Phishing<\/a> scam resulting in \u00a347 million of losses to the taxpayer represents one of the most significant Cybersecurity failures in UK government history. With thirteen people arrested in Romania and a fourteenth in Preston following international investigations, this attack exposes critical vulnerabilities that have profound implications for UK Small & Medium Enterprises<\/a>.<\/p>\n

The Scale of the Attack: Beyond Government Failure<\/strong><\/p>\n

Unprecedented Financial Impact<\/strong><\/p>\n

Officials revealed that fraudsters siphoned \u00a347 million in tax refunds in 2023 using data stolen from British taxpayers, though HMRC<\/a> successfully blocked an additional \u00a31.9 billion in attempted fraud. This represents only the tip of the iceberg, with HMRC<\/a>‘s deputy chief executive Angela MacDonald describing the \u00a347 million loss as “a lot of money” during Treasury Committee hearings.<\/p>\n

Criminal Network Sophistication<\/strong><\/p>\n

The suspects are believed to have used stolen personal data to make fraudulent claims for tax refunds and benefits in the UK, demonstrating the sophisticated nature of modern organised crime. The raids resulted in seizures of more than a million pounds in cash in large wads of notes, euros, jewellery, and luxury cars, illustrating the profitable nature of tax-focused Cybersecurity breaches.<\/p>\n

Critical SME Vulnerabilities Exposed<\/strong><\/p>\n

Third Most Targeted Government Body<\/strong><\/p>\n

The fact that His Majesty’s Revenue & Customs (HMRC)<\/a> was the third most spoofed UK government body in 2022, behind the NHS and TV Licensing reveals a systematic targeting of services that UK SMEs<\/a> rely upon most heavily. This targeting pattern suggests criminals specifically focus on disrupting small business operations and financial systems.<\/p>\n

Fraud Mechanisms Affecting SME Operations<\/strong><\/p>\n

The Romanian investigation reveals that organised criminal gangs stole data and used it to submit fraudulent PAYE claims, VAT repayments and Child Benefit payments. For UK SMEs<\/a>, this creates multiple risk vectors:<\/p>\n

1. PAYE System Vulnerabilities<\/strong>: Fraudulent payroll tax claims could disrupt legitimate SME operations<\/p>\n

2. VAT Repayment Fraud<\/strong>: Criminals targeting VAT systems could compromise SME cash flow<\/p>\n

3. Identity Theft Cascade<\/strong>: Stolen SME owner data could facilitate wider business fraud<\/p>\n

The SME Cybersecurity Crisis Context<\/strong><\/p>\n

Alarming Statistical Reality<\/strong><\/p>\n

The HMRC<\/a> attack occurs against a backdrop of deteriorating SME Cybersecurity resilience. Small and medium-sized enterprises throughout the United Kingdom are incurring annual losses amounting to \u00a33.4 billion due to inadequate Cybersecurity measures, with the average cost of a cyber breach for SMEs<\/a> in the UK estimated at \u00a38,460.<\/p>\n

Phishing Attack Frequency<\/strong><\/p>\n

Recent government data shows 35% of micro businesses and 42% of small businesses identified Phishing<\/a> attacks in 2025, though this represents a decrease from 2024 figures. However, companies with fewer than 100 employees receive 350% more social engineering attacks\u2013including Phishing, baiting, and pretexting than larger companies.<\/p>\n

Training and Protection Gaps<\/strong><\/p>\n

Research shows that 52% of UK SME employees received no Cybersecurity training and 32% of SMEs<\/a> had no Cybersecurity protections in place at all. This vulnerability directly contributed to the success of the HMRC<\/a> Phishing<\/a> campaign.<\/p>\n

Operational Downsides for UK SMEs<\/strong><\/p>\n

Tax System Trust Erosion<\/strong><\/p>\n

The HMRC<\/a> breach fundamentally undermines trust in digital tax systems that UK SMEs<\/a> depend upon for:<\/p>\n

1. VAT Returns<\/strong>: Online submission systems now viewed with suspicion<\/p>\n

2. PAYE Processing<\/strong>: Payroll tax systems compromised by fraud concerns<\/p>\n

3. Digital Tax Records<\/strong>: Cloud-based accounting integration risks<\/p>\n

Compliance Cost Escalation<\/strong><\/p>\n

Following the breach, SMEs<\/a> face increased compliance burdens:<\/p>\n

1. Enhanced Verification Requirements<\/strong>: Additional authentication steps slow business processes<\/p>\n

2. Manual Backup Systems<\/strong>: Need for paper-based alternatives increases administrative costs<\/p>\n

3. Professional Service Dependency<\/strong>: Greater reliance on accountants and tax advisors<\/p>\n

Reputational Risk Amplification<\/strong><\/p>\n

When customer data is compromised, trust is broken, and rebuilding that trust can take years. SMEs<\/a> now face:<\/p>\n

1. Client Confidence Issues<\/strong>: Customers questioning SME data protection capabilities<\/p>\n

2. Supply Chain Suspicion<\/strong>: Larger enterprises scrutinising SME Cybersecurity practices<\/p>\n

3. Banking Relationship Strain<\/strong>: Financial institutions implementing stricter due diligence<\/p>\n

International Crime Network Implications<\/strong><\/p>\n

Romania-UK Criminal Cooperation<\/strong><\/p>\n

The Romania\/UK joint investigation team combining the Prosecutor’s Office attached to the Court of Appeal in Bucharest, HMRC<\/a> and the Crown Prosecution Service demonstrates the international scope of tax fraud. This reveals that UK SMEs<\/a> face threats from sophisticated international criminal networks, not just local opportunistic attackers.<\/p>\n

Money Laundering Networks<\/strong><\/p>\n

The Romanian suspects were arrested on suspicion of computer fraud, money laundering and illegal access to a computer system, indicating complex financial crime structures. UK SMEs<\/a> could inadvertently become conduits for laundering proceeds from similar attacks.<\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\"New\t\t\t\t\t\t\t\t\t\t\t
Image Credit: Image Credit Images of Money-Flickr<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

Strategic Risk Assessment for SMEs<\/strong><\/p>\n

Immediate Threat Vectors<\/strong><\/p>\n

1. Spoofed <\/strong>HMRC<\/strong><\/a> Communications<\/strong>: Increased fraudulent emails and calls targeting SME tax obligations<\/p>\n

2. Identity Harvesting<\/strong>: Criminals using SME owner data for wider fraud schemes<\/p>\n

3. Supply Chain Infiltration<\/strong>: Fraudsters posing as legitimate tax advisors or government contractors<\/p>\n

Medium-Term Systemic Risks<\/strong><\/p>\n

1. Regulatory Response<\/strong>: Potential for increased compliance requirements affecting SME operations<\/p>\n

2. Insurance Premium Increases<\/strong>: Cybersecurity insurance costs rising following government breaches<\/p>\n

3. Technology Trust Erosion<\/strong>: Reduced confidence in digital government services<\/p>\n

Cybersecurity Resilience Requirements<\/strong><\/p>\n

Essential Protective Measures<\/strong><\/p>\n

Given the sophisticated nature of the HMRC<\/a> attack, UK SMEs<\/a> must implement:<\/p>\n

1. Multi-Factor Authentication<\/strong>: For all tax and financial system access<\/p>\n

2. Email Security Enhancement<\/strong>: Advanced Phishing<\/a> detection and prevention<\/p>\n

3. Staff Training Programmes<\/strong>: Regular education on social engineering tactics<\/p>\n

4. Incident Response Planning<\/strong>: Procedures for suspected tax fraud attempts<\/p>\n

Regulatory Compliance Adaptation<\/strong><\/p>\n

Nearly 90% of SMEs<\/a> feel their Cybersecurity position has improved, though experts advise caution, highlighting that mere adoption of Cybersecurity tools does not equate to comprehensive security improvement. Following the HMRC<\/a> breach, SMEs<\/a> must:<\/p>\n

1. Regular Security Assessments<\/strong>: Quarterly vulnerability evaluations<\/p>\n

2. Third-Party Verification<\/strong>: Independent Cybersecurity auditing<\/p>\n

3. Continuous Monitoring<\/strong>: Real-time threat detection systems<\/p>\n

Financial Impact Projections<\/strong><\/p>\n

Direct Cost Implications<\/strong><\/p>\n

On average, SMBs spend between \u00a3826 and \u00a3653,587 on Cybersecurity incidents, with 95% of Cybersecurity breaches attributed to human error. The HMRC<\/a> attack pattern suggests UK SMEs<\/a> should budget for:<\/p>\n

1. Prevention Investment<\/strong>: \u00a35,000-\u00a315,000 annually for comprehensive protection<\/p>\n

2. Incident Response Costs<\/strong>: \u00a310,000-\u00a350,000 for breach management<\/p>\n

3. Business Continuity<\/strong>: 3-6 months revenue protection for operational disruption<\/p>\n

Broader Economic Context<\/strong><\/p>\n

The next five years are due to see a 15% increase in cybercrime costs reaching \u00a310.5 trillion by 2025, with UK SMEs<\/a> representing a disproportionately vulnerable segment within this escalating threat landscape.<\/p>\n

Government Response and SME Implications<\/strong><\/p>\n

Enhanced Security Measures<\/strong><\/p>\n

HMRC<\/a> issued guidance stating its security systems detected unauthorised access to some customers’ accounts, indicating reactive rather than proactive security measures. This government approach shifts responsibility for protection increasingly towards individual SMEs<\/a>.<\/p>\n

Long-Term Systemic Changes<\/strong><\/p>\n

The international cooperation required to address this attack suggests future tax compliance may involve:<\/p>\n

1. Enhanced Verification Protocols<\/strong>: More complex authentication requirements<\/p>\n

2. International Data Sharing<\/strong>: Increased cross-border information exchange<\/p>\n

3. Real-Time Monitoring<\/strong>: Continuous transaction surveillance systems<\/p>\n

Strategic Recommendations for UK SMEs<\/strong><\/p>\n

Immediate Action Plan<\/strong><\/p>\n

1. HMRC<\/strong><\/a> Communication Verification<\/strong>: Implement strict procedures for validating tax authority communications<\/p>\n

2. Staff Alert Protocols<\/strong>: Brief all employees on current Phishing<\/a> tactics targeting tax systems<\/p>\n

3. System Access Review<\/strong>: Audit all digital connections to government tax services<\/p>\n

4. Professional Consultation<\/strong>: Engage qualified Cybersecurity advisors for risk assessment<\/p>\n

Long-Term Strategic Positioning<\/strong><\/p>\n

1. Cybersecurity Investment Priority<\/strong>: Allocate 3-5% of revenue to comprehensive protection<\/p>\n

2. Insurance Coverage Evaluation<\/strong>: Review and enhance Cybersecurity insurance policies<\/p>\n

3. Supply Chain Security<\/strong>: Implement vendor Cybersecurity requirements<\/p>\n

4. Regulatory Monitoring<\/strong>: Establish processes to track evolving compliance requirements<\/p>\n

Future Threat Landscape Evolution<\/strong><\/p>\n

Criminal Innovation Patterns<\/strong><\/p>\n

The sophistication demonstrated in the HMRC<\/a> attack indicates criminals are:<\/p>\n

1. Targeting Critical Infrastructure<\/strong>: Focusing on systems essential to SME operations<\/p>\n

2. International Collaboration<\/strong>: Developing cross-border criminal networks<\/p>\n

3. Technology Advancement<\/strong>: Using AI and machine learning for enhanced social engineering<\/p>\n

Defensive Response Requirements<\/strong><\/p>\n

Evolving threats like Phishing<\/a> and ransomware and disparities between different types of organisations highlight persistent vulnerabilities. UK SMEs<\/a> must prepare for increasingly sophisticated attacks requiring proportionally enhanced defensive measures.<\/p>\n

Conclusion: The New Reality for UK SME Cybersecurity<\/strong><\/p>\n

The \u00a347 million HMRC<\/a> Phishing<\/a> attack represents a watershed moment for UK Small & Medium Enterprise<\/a> Cybersecurity strategy. The combination of government system vulnerabilities, international criminal sophistication, and SME preparedness gaps creates a perfect storm of risk that demands immediate, comprehensive response.<\/p>\n

The arrest of fourteen individuals across Romania and the UK, whilst demonstrating law enforcement capability, cannot undo the fundamental trust damage to digital tax systems upon which UK SMEs<\/a> depend. The revelation that criminals successfully extracted \u00a347 million whilst an additional \u00a31.9 billion in attempted fraud was blocked suggests the scale of ongoing threats far exceeds current defensive capabilities.<\/p>\n

For UK SMEs<\/a>, this attack serves as an unequivocal wake-up call: reliance on government system security is insufficient. The integration of sophisticated international criminal networks, advanced social engineering techniques, and systematic exploitation of human error vulnerabilities requires a fundamental reassessment of SME Cybersecurity investment priorities.<\/p>\n

The path forward demands recognition that Cybersecurity is no longer a technical consideration but a core business survival requirement. SMEs<\/a> that fail to adapt to this new reality risk becoming casualties in an escalating cyber warfare landscape where the stakes continue to rise exponentially.<\/p>\n

This analysis reflects developments as of July 2025. UK <\/em>SMEs<\/em><\/a> should monitor ongoing investigations and implement enhanced security measures immediately to protect against similar attacks.<\/em><\/p>\n

\ufeff<\/span><\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\tLatest Cyber Advice from Gov.uk \/...<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\"CYBERInsights\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t
Image Credit: IfOnlyCommunications<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\"nordvpn\"<\/a>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

UK Small Business Owner? Join SMECyber Free Now! & Access the SME Cyber Forum – Read, Learn, Engage, Share …<\/h4>\n

The Latest SME<\/strong> Cybersecurity News, Threat Intelligence & Analysis, Timely Scam Alerts, Best-practice Compliance, Mitigation & Resources specifically curated for UK Based SMEs<\/strong> in a Single Weekly Email direct to your Inbox or Smart Device together with Unrestricted Free Access to our entire SME<\/strong> Cyber Knowledge & Tutorial Library.<\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\tLearn More \/...<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t\t
\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\"NordVPN\"\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t
<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t

What is a VPN & Does my SME Need one?<\/strong> A VPN<\/strong><\/a> is a Virtual Private Network a method of securing your communications credentials. When it comes to Small and Medium-sized enterprises (SMEs<\/strong><\/a>), the choice of VPNs<\/strong><\/a> can significantly impact the security and efficiency of their operations.<\/p>\n

The\u00a0NordVPN<\/b> service allows you to connect to 5600+ servers in 60+ countries. It secures your Internet data with military-grade encryption, ensures your web activity remains private and helps bypass geographic content restrictions online. \u00a0Join\u00a0NordVPN\u00a0Today and\u00a0Save\u00a0up to\u00a073%\u00a0and Get 3 months\u00a0Extra Free<\/a>\u00a0Rude Not to \u2026!<\/strong><\/p>\n<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\tLearn More \/...<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t\t
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"Data<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>
\"CI_Feature<\/figure><\/div>\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t
\n\t\t\t\t\t\t<\/path><\/svg>\t\t\t\t\t<\/div>\n\t\t\t\t\t
\n\t\t\t\t\t\t<\/path><\/svg>\t\t\t\t\t<\/div>\n\t\t\t\t\n\t\t\t\t\t\t\t\t\t
<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

Image Credit: Image Credit Images of Money-Flickr Image Credit: Image Credit Images of Money-Flickr Latest…<\/p>\n","protected":false},"author":1,"featured_media":23469,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"cybocfi_hide_featured_image":"yes","footnotes":""},"categories":[655],"tags":[656,434],"ppma_author":[505],"class_list":["post-23477","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-phishing","tag-hmrc","tag-phishing"],"featured_image_urls":{"full":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/07\/Image-Credit-Images-of-Money-Flickr-1.jpg",624,468,false],"thumbnail":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/07\/Image-Credit-Images-of-Money-Flickr-1-150x150.jpg",150,150,true],"medium":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/07\/Image-Credit-Images-of-Money-Flickr-1-300x225.jpg",300,225,true],"medium_large":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/07\/Image-Credit-Images-of-Money-Flickr-1.jpg",624,468,false],"large":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/07\/Image-Credit-Images-of-Money-Flickr-1.jpg",624,468,false],"1536x1536":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/07\/Image-Credit-Images-of-Money-Flickr-1.jpg",624,468,false],"2048x2048":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/07\/Image-Credit-Images-of-Money-Flickr-1.jpg",624,468,false],"covernews-featured":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/07\/Image-Credit-Images-of-Money-Flickr-1.jpg",624,468,false],"covernews-medium":["https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2025\/07\/Image-Credit-Images-of-Money-Flickr-1-540x340.jpg",540,340,true]},"author_info":{"display_name":"Cybersecurity Journalist Iain Fraser","author_link":false},"category_info":"PHISHING<\/a>","tag_info":"PHISHING","comment_count":"0","authors":[{"term_id":505,"user_id":1,"is_guest":0,"slug":"admin_yjdstq4n","display_name":"Cybersecurity Journalist Iain Fraser","avatar_url":{"url":"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/index_image440-removebg-preview.png","url2x":"https:\/\/smecyberinsights.co.uk\/wp-content\/uploads\/2024\/10\/index_image440-removebg-preview.png"},"0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/23477","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/comments?post=23477"}],"version-history":[{"count":13,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/23477\/revisions"}],"predecessor-version":[{"id":23746,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/23477\/revisions\/23746"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/media\/23469"}],"wp:attachment":[{"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/media?parent=23477"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/categories?post=23477"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/tags?post=23477"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/smecyberinsights.co.uk\/index.php\/wp-json\/wp\/v2\/ppma_author?post=23477"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}