Fake DVLA Vehicle Tax Refund Scam
Phishing texts and emails impersonating a national vehicle licensing authority, such as the UK's DVLA, claim a tax refund is owed or that vehicle tax is overdue, designed to harvest card details or extract fraudulent payment.
Last reviewed: 5 July 2026
What this scam is
This scam impersonates a national vehicle licensing or tax authority — in the UK, the Driver and Vehicle Licensing Agency (DVLA), with equivalent authorities in other countries — using text messages and emails that appear to come from an official government sender. It exists in two mirror-image forms: a 'refund' version, claiming the recipient is owed money back on vehicle tax due to an early cancellation, sale, or change of vehicle, and an 'overdue' version, claiming vehicle tax has not been paid and threatening a fine, clamping, or prosecution unless payment is made immediately.
Both versions direct the recipient to a website carefully designed to look like the genuine government payment portal, requesting full payment card details and often additional personal information such as name, address, date of birth, or driving licence number under the guise of 'verification'.
The messages are frequently timed around common vehicle tax renewal periods, when a large proportion of recipients will have recently renewed or be due to renew, making the message feel plausible and relevant regardless of whether the individual recipient actually has any outstanding tax issue.
How it works
A mass text message or email campaign is sent out, spoofing the sender name or number to appear as though it comes from the licensing authority. The message either offers a specific refund amount for overpaid vehicle tax or warns that tax is overdue and a penalty is imminent, with a link to 'claim your refund' or 'pay now to avoid a fine'.
The link leads to a website cloned to closely resemble the real government payment portal, including matching colours, logos, and page layout. The recipient is asked to enter full card details — card number, expiry date, and security code — and sometimes additional personal details such as date of birth or driving licence number, framed as necessary to verify identity before a refund can be released or a payment processed.
In some versions, a small 'processing' or 'verification' fee is charged immediately as proof the card works, followed later by larger unauthorised charges once the card details have been fully captured. More sophisticated versions redirect the recipient to the genuine government website after collecting their details, so the visit ends with no visible sign anything went wrong.
Why this scam works
Government senders carry an inherent level of trust that most other organisations do not, and the timing of these messages around real renewal periods makes the claim feel relevant and current rather than random. The refund version is particularly effective because recipients are being told money is owed to them, which lowers natural suspicion compared to a request for payment — people are less likely to scrutinise a process they believe benefits them financially.
The overdue version instead relies on the fear of a fine, prosecution, or vehicle clamping, creating urgency that discourages the recipient from pausing to verify the claim independently before entering their card details.
Common red flags
- An unexpected refund claim for tax you did not query or expect back
- A link with a web address that does not match the official government domain suffix
- An urgent threat of a fine, clamping, or prosecution demanding immediate action
- A request for full card number, expiry date, and security code to 'release' a refund
- Generic greetings such as 'Dear Customer' rather than your name
- A request for a small fee before a refund can supposedly be paid out
- Poor grammar, unusual formatting, or a sender number that is a standard mobile number
- Pressure to act within a very short time window
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
You are eligible for a vehicle tax refund of [amount]. Claim here: [link]
Your vehicle tax has not been paid. To avoid a fine of [amount], pay immediately: [link]
We were unable to process your vehicle tax renewal. Update your payment details here: [link]
Your vehicle is due to be clamped due to unpaid tax. Settle the balance now to avoid enforcement action: [link]
Common variations
- Refund variant claiming an overpayment is owed following an early cancellation or vehicle change
- Overdue variant threatening a fine, clamping, or prosecution for unpaid tax
- Fake 'renewal reminder' offering to process a renewal for an unnecessary fee
- Fake 'vehicle recall' or 'document update' phishing message using similar branding
- Voice call variant with a caller impersonating a licensing authority agent
- Fake vehicle tax 'check' website that harvests personal and vehicle details before redirecting
How to verify before you act
Never click a link in an unsolicited text or email claiming to be about vehicle tax. Instead, open a browser and type the licensing authority's official web address manually, checking carefully that the domain ends in the correct official government suffix for your country, and log in or check your vehicle tax status directly through that verified route.
Genuine vehicle tax refunds are issued automatically to the original payment method used, without requiring the recipient to submit card details via a text or email link. If a message claims tax is overdue, check your actual vehicle tax status on the authority's verified website or by calling a phone number found independently, rather than any number or link provided in the message itself.
Payment methods used
- Card details entered on a phishing payment page
- Small upfront 'processing' or 'verification' charge followed by larger unauthorised transactions
- Bank transfer requested under threat of a fine
Who is usually targeted
- Vehicle owners shortly after a tax renewal period
- Newly registered vehicle keepers
- Elderly or less digitally experienced drivers
- Anyone whose phone number or email has been included in a mass phishing list
What to do immediately
- Do not click the link or provide any details if you have not already done so
- If you have entered card details, contact your bank's fraud line immediately to freeze the card
- Check your actual vehicle tax status directly on the licensing authority's verified official website
- Report the message to your country's official phishing reporting service
- Monitor bank statements closely for unauthorised or unfamiliar charges
- Report the incident to your national fraud reporting body
How to prevent it
- Never click links in unsolicited texts or emails about vehicle tax
- Type the licensing authority's official web address manually rather than following a link
- Remember that genuine refunds are issued automatically to your original payment method
- Check the exact domain suffix of any government website carefully before entering details
- Enable bank transaction alerts to catch unauthorised charges quickly
- Report suspicious texts by forwarding them to your country's official phishing reporting short code, where available
- Use a unique password for any government portal account and enable multi-factor authentication if offered
- Call a phone number sourced independently, never one provided in the suspicious message
Evidence to preserve
- The original text message or email, including the sender number or address
- A screenshot of the phishing website reached via the link
- Any transaction confirmation or receipt received after entering payment details
- Bank statements showing any resulting unauthorised charge
Where to report it
- Action Fraud (UK) — UK national fraud & cybercrime reporting centre
- FTC ReportFraud (US) — US Federal Trade Commission fraud reports
- FBI IC3 (US) — US Internet Crime Complaint Center
- Scamwatch (Australia) — Australian competition & consumer reporting
- Your bank's fraud line — Use the number on the back of your card or in your banking app — never a number the caller gives you
Always verify reporting routes and emergency contacts on the official government or agency website for your country.
Frequently asked questions
Would a real licensing authority ever ask for my card details by text or email?
No. Genuine vehicle tax refunds are issued automatically to the original payment method without requiring you to submit card details through a text or email link. Any message asking you to do so should be treated as fraudulent.
The message arrived right after I renewed my vehicle tax — doesn't that make it more likely to be real?
No, the opposite is true. Scammers deliberately time these campaigns around common renewal periods because a large proportion of recipients will have recently renewed, making the message feel relevant regardless of whether it was actually sent by the licensing authority.
How can I check if I genuinely owe vehicle tax or are due a refund?
Go directly to the licensing authority's official website by typing the address yourself, or call a phone number sourced independently, and check your vehicle's tax status through the verified official channel rather than any link in the message.
I already entered my card details on the fake site — what now?
Contact your bank's fraud line immediately to freeze the card and monitor for unauthorised transactions, then report the message to your country's phishing reporting service and your national fraud reporting body.