Beware of fake E.ON refund emails, warns Action Fraud
Action Fraud – the UK’s national reporting centre for fraud and cybercrime – has said scammers are impersonating Eon in an attempt to steal the recipient’s money and financial details.
The UK’s energy crisis has seen household utility bills rocket following the price cap increase this April, scammers are seeing this as an opportunity to fleece unsuspecting residents out of their hard-earned cash.
Action Fraud said today it has received 449 relating to fake emails – known as phishing – purporting to come from E.ON.
The emails state that the recipient is owed an £85 refund due to an ‘overcharge’.
Action Fraud has said the links to the emails lead to a ‘genuine-looking website’ but they are designed to steal a personal details.
Phishing is a method used by scammers, using fake emails or web links which look trustworthy and familiar, to gain access to sensitive information such as passwords and bank details or to infect your device with malware.
Phishing emails are a very common type of cyber attack and because they’re made to look like they’re from an official source, they’re easy to fall victim of.
They could be from a business you’re a customer of – your gas and electricity supplier, for example – asking you to manage your account or pay a bill.
If you’ve had a suspicious email from someone claiming to be from E.ON, forward it to [email protected] for their cyber security team to investigate, if you’re a customer or not, and then delete it immediately.
Email safety tips
E.ON has listed four things you can check if you’ve received an email claiming to be from us.
1. Check the sender’s address
The senders email address may look trustworthy at first, but the name after the ‘@’ (the domain) can give you a clue as to whether it’s bogus. For example if the email is sent from: @eonHelpDeskUK.com, this is likely a malicious phishing attempt, as we’d only send emails from @eonenergy.com.
2. Is the greeting personal?
A genuine email will address you by your full name, and not a generic term like ‘sir’, ‘madam’, or ‘loyal customer’.
3. Be cautious
If you’re using a mouse, hover over any links you’re unsure of before clicking on them, just to see if the link address looks genuine. If you’re unsure, go to the website directly instead of using the link in the email.
4. How does it look?
Check the grammar, tone and design of any emails which you receive. Look out for inconsistent fonts, unusual characters and punctuation.
Remember, if you’re unsure, forward the email to [email protected] and our cyber security team will investigate.
