It’s hardly surprising. With the surge in energy prices, it was only a question of time before scammers tried to exploit them. Phishing emails claiming to be from energy suppliers, and offering rebates or claiming payments are overdue, are now circulating.

The first is a phishing email claiming to be from British Gas promising customers a ‘refund’ of more than £400.
  • The links within the email take you through to fake webpages where you’re encouraged to part with your personal information in order to receive the £400 refund.
  • Of course the only thing you will receive is a headache when scammers use your information to carry out fraud.
Another scam dressed up as a British Gas missive has also been detected. An email claims that you owe some money on your gas bill. It’s typically a small amount.

The email threatens that if you don’t pay within two days then you’ll be referred to a debt collection agency.

Because the outstanding amount is small, many people might be tempted into paying it, without realising that the payment they think they are making is actually a way of stealing their payment card details.

Scammers are also impersonating energy supplier Eon.
  • A phishing mail promises an £85 refund and all you need to do is enter your personal details into a webpage, where they will promptly be stolen.
  • The email claims you’ve been overcharged and you’re eligible for an £85 refund.
  • The sender’s name is ‘E.ON Gas Refund’ while another name that has been used is ‘E.ON Payment. REFUND’, but it has nothing to do with the energy provider.
  • The email includes a link that takes you to a fake version of the Eon website’s login page.
  • The login page requests a lot of personal details and ends by loading the real Eon website, which is a common tactic among scammers.
Four simple tips for identifying phishing mails

The domain name is misspelt – Anyone can buy a domain name from a registrar. And although every domain name must be unique, there are plenty of ways to create addresses that are nearly indistinguishable, at first glance, from the one that’s being spoofed. So look very carefully at the address that the email is from.
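The check described above can be automated in a mail filter or triage script. The following is an added example, not part of the original article: it compares the sender's domain with an assumed allow-list of genuine supplier domains and flags near-misses, brand names embedded in unrelated domains, and display names that claim a brand from an unrelated address. The allow-list entries, the function names and the sample headers are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Assumed allow-list: genuine sender domain -> brand words used in display names.
# Confirm the real domains against a paper bill or the supplier's own website.
TRUSTED = {
    "britishgas.co.uk": ("british gas",),
    "eonenergy.com": ("e.on",),
}

def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header):
    """Return 'domain-matches', 'lookalike', 'display-name-mismatch' or 'unknown'."""
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    # Exact domain or a genuine subdomain of it.
    if any(domain == d or domain.endswith("." + d) for d in TRUSTED):
        return "domain-matches"
    for good in TRUSTED:
        brand_label = good.split(".")[0]
        # Near-miss spelling, or the brand label buried in someone else's domain.
        if edit_distance(domain, good) <= 2 or brand_label in domain:
            return "lookalike"
    # Display name claims the brand but the address is unrelated.
    if any(w in name.lower() for words in TRUSTED.values() for w in words):
        return "display-name-mismatch"
    return "unknown"

if __name__ == "__main__":
    # Constructed sample headers, not taken from real messages.
    for header in (
        '"British Gas" <billing@britishgas.co.uk>',
        '"British Gas" <refund@britlshgas.co.uk>',
        '"E.ON Gas Refund" <noreply@mail-service.example>',
    ):
        print(classify_sender(header), "<-", header)
```

A result of 'domain-matches' only means the visible address uses the expected domain; the From header can be forged, so the message's SPF, DKIM and DMARC results still need checking.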

The email is poorly written - When crafting phishing messages, scammers will often use a spellchecker or translation tool, which will give them all the right words but not necessarily in the proper context. So check the message for grammatical errors.

It includes suspicious attachments or links - Phishing emails contain either an infected attachment that you’re asked to download or a link to a bogus website. The purpose is to capture sensitive information, such as login credentials, credit card details, phone numbers and account numbers. Never open an attachment unless you are fully confident that the message is legitimate.

The message creates a sense of urgency - Many scams request that you act now or else it will be too late. For instance, PayPal and Netflix provide services that are regularly used, and any problems with those accounts could cause immediate inconveniences. Watch out for emails that urge you to act immediately.