HMRC stopped 30,000 phishing emails with DMARC

HMRC stopped 30,000 phishing emails with DMARC

HMRC has just completed a three-year project to improve its cybersecurity and prevent phishing emails. As one of the most phished brands in the world, the government organisation implemented ‘Domain-based Message Authentication, Reporting & Conformance’ (DMARC) to stop fraudulent and potentially damaging emails being sent to the British public.

HMRC purportedly struggles with around 500 million fraudulent emails per year. Often these emails appear legitimate, with subjects such as ‘Your 2016 Tax Report’. Spoof emails claiming to be from HMRC also commonly promise rebates or make threats about penalties. Provoking unfortunate victims into parting with sensitive bank details, by presenting themselves as legitimate HMRC employees, the cybercriminals behind these scams have attempted to extort money from around 50 million users, and reportedly made over £100 million in stolen funds to date.

DMARC technology is a proven way to block phishing attacks. For HMRC, this prevents malicious senders from impersonating its domain, a common method used for phishing attempts. DMARC can also detect unauthorised activity and request that suspect messages are blocked or discarded. So, it can identify spam and phishing messages, and make sure they never reach people’s inboxes. Whilst DMARC has not eradicated all phishing attempts, HMRC has managed to reduce the number of such emails by a whopping 300 million.

While HMRC was the first government agency to implement this protocol, in a bid to offer the British public the highest possible levels of protection, DMARC is now a requirement for all governmental digital services. Furthermore, as the sophistication of scammers increases, DMARC is set to become increasingly important across all sectors; not least the legal profession; with email a law firm’s biggest risk when it comes to cybercrime.

As such, Lawyer Checker – which provides technology and products to help protect lawyers and consumers – has recently added OnDMARC to its range of risk management products.

“More than 60% of all cybercrimes reported to us are email modification frauds”. SRA Risk Outlook 2017/18

OnDMARC is a web-based service that allows firms to secure their email effectively by implementing DMARC through its online platform. Helping to protect staff and clients from receiving and falling victim to email modification fraud and preventing third-parties from impersonating your email address, OnDMARC will actively block phishing attacks and safeguard your firm.

Find out here how to get the support you need to implement OnDMARC confidently and quickly.

To find out how DMARC could help to protect your firm against the growing risk of email modification fraud, please click here.

FREE Webinar – DMARC, Email Spoofing & How To Protect Yourself

Presented by Victoria Cope, 30th April 2.30pm – 3.00pm. Register Now


This article was submitted to be published by Lawyer Checker as part of their advertising agreement with Today’s Conveyancer. The views expressed in this article are those of the submitter and not those of Today’s Conveyancer.

Lawyer Checker

Lawyer Checker announce survey results and Tech Hamper winners






Provider of market-leading risk management solutions to the legal sector.

Lawyer Checker is a leading provider of risk management solutions to the legal sector, offering a full inclusive suite of products and services which have one thing in common – they are all designed to protect and to promote your firm.

Our expert understanding of the legal sector means that we are in a unique position to ensure that your business is protected from the main threats without delay.

We are committed to being proactive when it comes to caring for our clients, and to getting them onto a platform where they are safer.

What does Lawyer Checker do?

Our suite of fraud prevention and cyber security products include:


Thirdfort is the latest in Lawyer Checker's innovative suite of products helping to defend law firms against the persistent threats lurking in the legal sector, by providing enhanced due diligence to source of funds and ID checks. It uses a mobile app to digitally confirm a client's identity by combining facial recognition technology with document scanning and open banking, enabling you to confidently “Know Your Customer." Find out more >

Account and Entity Screen (AES)

AES provides your firm with enhanced risk management when transferring funds by checking the accounts details of a solicitor you are sending funds to against our unique database. This ensures your client funds are sent to a legitimate bank account associated with the vendor’s conveyancing firm. Find out more >

Consumer Bank Account Checker (CBAC)

CBAC offers enhanced due diligence when remitting sales proceeds and balancing payments to consumers. It works by validating the source and destination of funds by checking the bank account details match your client’s personal details when sending or receiving client funds. Find out more >


A vital layer in protecting against email modification fraud, OnDMARC can actively block phishing attacks and obstruct 3rd parties impersonating your email domain to any recipient such as your clients, suppliers or employees. Email fraud is a law firm’s biggest risk. To avoid sensitive data being stolen through email impersonation fraud, safeguard your firm by implementing OnDMARC, otherwise anyone can send an email directly to your customers, suppliers or employees pretending to be you. Find out more >

Cyber Certifications

The National Centre for Cyber Security has identified the legal sector as a top target for cyber criminals. The sensitive data, large sums of money and important information that is held needs protecting to avoid severe damage to clients and your reputation.

Cyber Essentials

Cyber Essentials is a ‘must have’ certification for law firms which will protect your business, prevents data breaches and highlights to your customers, your regulators, the ICO and cyber criminals that you take cyber security seriously and shows you have taken the recommended steps to secure yourselves from potential threats. Getting Cyber Essentials certification for your firm is quick and easy, our in-house expert Cyber Essentials Assessors at Lawyer Checker (Part of Practical Vision Network) can conduct your online assessment and issue your certificate in less than 48hrs. For only £350 plus VAT it will give you peace of mind that you have shielded your law firm from cyber risk.

Cyber Essentials Plus

Our professional in-house assessors can issue official certificates to compliant firms for Cyber Essentials Plus, which is the next step up from Cyber Essentials. It covers the same controls but this time it is independently verified by a site visit from our expert assessor who will carry out a thorough inspection of online devices and web hosts through a detailed network vulnerability scan and certify your security arrangements to Cyber Essentials Plus level.

IASME Governance

Our expert in-house assessors can issue official certificates to compliant firms for IASME which includes Cyber Essentials certification along with a GDPR readiness assessment. It signifies to your customers and shareholders that you consider data protection a priority, and your desire to manage risk by demonstrating a high level of security. This certification is particularly suitable for businesses that are working towards ISO27001 and want a stepping stone, or for those that want to align to ISO27001 but perhaps don’t have the budget to go to a full certification.

ISO 27001

Our expert in-house consultants will help your firm prepare for ISO 27001 certification audits. It is internationally recognised as the most comprehensive and detailed accreditation to help embed a healthy security culture within your business. The consultation focuses on all business areas and not just the IT department. Our execution experts can work with you to implement ISO27001 in a way that works for your business and can provide as much or as little support as you need from project plans, document templates to full implementation. Our professional assessors can even help you to book and prepare for your certification audits.

To safeguard your business, use Lawyer Checker’s comprehensive products and services to arm you and your law firm with the right tools and information to be able to obtain the assurances you need to act in the best interests of your clients.

Key contacts:

Heidi Jenkins
Key Relationship Manager at the Practical Vision Network including Lawyer Checker, Solve Legal Marketing and The Move Exchange.
M: 0330 052 7588 E: [email protected]

Mark Siwiec
Business Development Manager (Cyber) at the Practical Vision Network including Lawyer Checker, Solve Legal Marketing and The Move Exchange.
M: 03300529150 E: [email protected]

Suite 4, Wright House, 67 High Street, Tarporley, Cheshire, CW6 0DP

Leave a Reply

Your email address will not be published.