Email phishing incident

     Advanced issue found

    Phishing email incident

    We’re aware of an email phishing incident where communications impersonating Nucleus are being issued to our clients and other individuals, not connected to Nucleus. The email refers to a refund from HMRC with a link to click in order to receive it. Please do not click the link as this isn't a genuine email.

    We’ve done a thorough check and can confirm there’s no evidence of our systems being compromised. We understand that an external email account has been hacked and a genuine Nucleus email has been used by a third party as a template for this phishing activity. We've taken action to make sure the external party who may have been compromised is aware and that they can take action to secure their email account.

    Why have I received the email?

    We've sample checked a number of the email addresses being used (via enquiries we've had from recipients of the phishing email) on the 'Have I been pwned' website. This publicly available site lists known breaches and you can find out if an email account has been previously disclosed. Those that we've sampled are all subject to a previous data breach, completely unrelated to Nucleus, which explains why individuals not linked to Nucleus are also being contacted.

    Next steps

    Please do not click on the malicious link and delete the email. If you’ve clicked the link and shared your details you should report this to HMRC.

    We’ve reported this incident to the relevant authorities, including HMRC and we'll continue to actively monitor the situation. We’ll keep this page and advisers up to date with any further information we have on this incident.

    We're very sorry this has happened and understand the concern it may cause you but we're confident this is a third party phishing incident where only our template has been used. There's no evidence of Nucleus systems being compromised.

     Advanced issues found