Originally Posted By: Bensheim
For instance, whenever I transact with HMRC (a Government website) on legitimate business, within hours I get two or three Phishing emails purporting to come from the same place. All with zip files attached, which HMRC never do.


This would worry me a bit. There are only a handful of possible answers to this question.

1. Your computer is compromised. Software is installed or altered to communicate with the phishers.

2. Something is intercepting your communications.
- The web site you are using isn't using SSL, allowing interception of traffic at various places on the internet.
- The web site itself is using SSL, but is submitting forms via plain HTTP POST traffic, allowing interception of traffic at various places on the internet.
- Another computer on your LAN is monitoring the traffic and is communicating with the phishers.
- A computer on the government LAN is monitoring the traffic and is communicating with the phishers.

3. The government computer is compromised. Software is installed or altered to communicate with the phishers.

4. Your email provider's LAN or mail server is compromised.


None of this can be ruled out without investigation. It is all possible. You can take steps to isolate / rule out factors. For example, if you take your laptop to another location and it doesn't occur, you have a LAN issue. Using another computer at your same location set up identically (same www and email settings) that doesn't get this response suggests your computer is compromised. Using your iPhone/4G to email the request (using identical mail settings) that triggers the response rules out your LAN and computer. Selecting to send using a different SMTP server (such as Gmail), all other factors being unchanged, and not getting a response, strongly implicates your email provider. (I would count that as the greatest odds of being the problem.)

Remember, no one is above suspicion. If your email provider is Gmail, and you don't get a response when you send via media com's SMTP server, Google IS the leak. Trust no one completely.


I work for the Department of Redundancy Department
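
The two web-site cases under item 2 (no SSL at all, or an SSL page whose form posts over plain HTTP) can be checked from a saved copy of the page. The following is an added example, not part of the original post: `cleartext_forms`, the `tax.example` URLs and the sample HTML are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _FormCollector(HTMLParser):
    """Record the first <base href> and every <form>'s method and action."""

    def __init__(self):
        super().__init__()
        self.base_href = None
        self.forms = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "base" and self.base_href is None and a.get("href"):
            self.base_href = a["href"]  # browsers honour only the first <base>
        elif tag == "form":
            self.forms.append(((a.get("method") or "get").lower(), a.get("action") or ""))


def cleartext_forms(page_url, html):
    """Return (method, target_url) for each form whose submission leaves over plain HTTP."""
    collector = _FormCollector()
    collector.feed(html)
    collector.close()
    base = urljoin(page_url, collector.base_href) if collector.base_href else page_url
    findings = []
    for method, action in collector.forms:
        # An empty or missing action submits back to the document's own URL.
        target = urljoin(base, action) if action else page_url
        if urlsplit(target).scheme == "http":
            findings.append((method, target))
    return findings


# Constructed sample page (not from the thread): four forms served over HTTPS.
SAMPLE_URL = "https://tax.example/login"
SAMPLE_HTML = """
<html><head><base href="https://tax.example/app/"></head><body>
<form method="post" action="submit"></form>
<form method="POST" action="http://tax.example/app/submit"></form>
<form action="//forms.example/search"></form>
<form method="post"></form>
</body></html>
"""

if __name__ == "__main__":
    for method, target in cleartext_forms(SAMPLE_URL, SAMPLE_HTML):
        print(f"{method.upper()} form submits in clear text to {target}")
```

A page that is itself served over `http://` is caught by the same rule, because its relative form actions resolve to `http://` targets.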