The government's approach to the security of online tax assessments has been criticised by the opposition, as the 31 January deadline for online tax payments approaches.
In a parliamentary question, Labour MP Chi Onwurah asked the chancellor of the exchequer what assessment he has made of the security of online submission of tax returns, and what estimate he has made of the costs to those who have submitted returns to "copycat" [phishing] sites in the last five years.
In response, David Gauke, the chancellor's exchequer secretary to the treasury, said, "HMRC takes the security of online tax returns very seriously. The department is aware of phishing attacks that invite customers to submit their personal returns via websites purporting to be HMRC websites and, once reported, HMRC works with the hosting providers of such websites to remove the sites."
He said, "HMRC does not collect information about the private use of third party websites. HMRC responds to such websites on a case-by-case basis. Where an offence has been committed, we work with law enforcement partners using the full extent of our powers."
Gauke said a "cross-government initiative" is being led by the cabinet office to ensure that the public is "adequately protected from the risks posed by imitation websites". HMRC is "actively engaging" with a number of government departments through the project, he said.
This wasn't enough for Onwurah though. She told ComputerworldUK.com, "I was asking how seriously they take the security of tax-payers encouraged to submit on line who then find themselves hoaxed into unnecessary payments.
"The fact that HMRC takes no responsibility for citizen security might be more acceptable if the cabinet office was showing some leadership, but Mr Maude [cabinet office minister] has no detailed plans to adequately protect the public."
She said, "For this government cyber security is all about their own bureaucracy and big business, it is not about the public."