Cyber security: Energy bill discount scam

The government has announced that a £400 discount on your energy bills is available to all households.

Although this is good news, scammers have taken this opportunity to exploit people and carry out phishing attacks.

These attacks are feeding off the vulnerability of individuals, as many have struggled with the cost of living increase, and are in desperate need of the financial assistance that the government is offering.

The £400 discount is applied automatically, so why have so many people received texts asking for their information to get the discount?

Scammers are acting as energy providers, known and trusted companies, and even the government, and sending out text messages asking for your details.

These details can and will be used maliciously, so if you receive these texts, do not click on the link, give any information, or even reply.

The method

There are variations of the messages, as they come from different sources, but they will all offer the same thing and give you a link to follow.

The above examples are texts that have been received on a personal mobile device, which is unprotected and has no security measures in place, past what Apple provides.

If the link is followed, it will take the user to a website that will ask them to provide personal details, and set up a direct debit transaction so that they can receive the money.

Of course, this money will not come, and now cybercriminals will have their information.

The information can be used or sold, there’s no limit to what can happen with it.

The BBC has identified a few sites that have been sending out these scam messages, including:

• energy-bill-online.com
• myenergybillonline.com
• rebate-ogem.com
• totalsolutions24-7.co.uk

The scammers are posing as Ofgem, the energy regulator under the UK government.

There have also been reports of emails, featuring the same phishing scam, so texts aren’t the only thing you should be keeping an eye out for.

There has been a statement from the police, reading: “If an email is genuine, the company will never push you into handing over your details.

“All of the reported emails display the email subject header ‘Claim your bill rebate now’ and the criminals behind the scam are using the Ofgem logo and colours to make the email appear authentic.”

How to stay safe

As usual, the most effective way to stay safe from phishing attacks is knowledge.

When using any technology or device, you should ensure that you are never giving away sensitive or protected information, the majority of businesses will never ask for your details through text or email.

If you receive an email or text asking for your information or any important details, ensure you know who is asking before providing anything.

You can contact the establishment you think is contacting you to confirm, check the email address or number you received it from, and take other investigative measures.

If you want to contact the establishment, search for their details and go through their actual website, never contact them through the number, email, or any link that may have been sent by a scammer.

Phishing scams rely on human error, they also often include social engineering tactics.

As an extra protection, you can also ensure that your spam filter is up-to-date and thorough, so it can stop the email from reaching you in the first place.

Lastly, if you are a business and need cyber security support, you have options.

With an IT department, they will help, but you can also outsource IT solutions, either as support to your in-house IT department or to act as your IT department fully.

Here at Itek, we take cyber security seriously, if you need support, contact our team and see how we can help you.