Criminals are using phishing emails to take advantage of the UK energy crisis by promising fake refunds to trick victims into providing bank account information.
Approximately 1,600 phishing emails with links to websites designed to steal personal and financial information have been reported to the police in the previous two weeks. The phishing emails include the subject line “Claim your bill refund immediately” and claim to be from the energy regulator Ofgem. To help consumers, deal with rising gas and electricity prices, it notifies users that they are eligible to a payment through a government programme.
Many receivers realised the emails were fake and reported the fraud after seeing that they had to “apply for an energy bill refund by June 2022” in the emails.
A total of 1,567 phishing emails connected to this scam were reported through the Suspicious Email Reporting Service in the two weeks between August 22nd and September 5th, 2022.
Hayley King, detective chief inspector with the City of London Police, made the following statement:
It is shameful that in a time of financial hardship, criminals are targeting members of the public by claiming they are entitled to receiving rebates and refunds. If an email is genuine, the company will never push you into handing over your details. Always take a moment to consider if the request you have received is genuine. We would always urge people to follow the Take Five to Stop Fraud advice and think carefully before giving out their personal and financial details.
The difficulty expected as a result of the anticipated increase in energy prices has authorities concerned that many recipients might be duped into responding to the phishing emails.
A representative at Ofgem said:
Protecting consumers is our top priority. It is alarming that vulnerable customers are being preyed upon in this way when people are already struggling so much. That’s why, as energy regulator, on top of issuing our own warnings and advice, we have asked all energy suppliers to ensure clear and up to date information on scams is easily accessible on their websites.
Only scammers put pressure on you and demand that you quickly hand over information. Legitimate businesses will not object if you call them back. Customers should speak with the company directly if they have any questions about a communication. Users must use the information from their official website instead of the phone number or address provided in the message.
Send an email you’re not sure about to firstname.lastname@example.org if you’ve received one. If you believe you have been the victim of a scam, report it to Action Fraud right away and contact your bank.
Help your colleagues spot these phishing emails by starting your Phishing Tackle security awareness training today with our two-week free trial.