/ Money

Scam warning: British Gas phishing email

A phishing email purporting to be from British Gas is fraudulently promising customers a ‘refund’ of more than £400. Have you come across it?

British Gas is making its customers aware of a fake email telling its customers that they’ve ‘overpaid’.

As with similar phishing attemps we’ve been made aware of, such as this DVLA email, fraudsters are after your personal data and/or bank details.

Here’s what the fake email looks like:

The passing off of well-known and respected brands is nothing new. This year we’ve seen Bitcoin scammers impersonating Martin Lewis and the Mirror by email, while a member got in contact with our magazine to alert us of similar phishing attempts disguised as emails from the Royal Mail.

How to deal with phishing emails

We asked British Gas to comment on the email for Which? Conversation. Here’s what it told us:

“We take the issue of phishing very seriously and we take action where we identify any attempts to trick our customers.

We’ve recently become aware of an email which appears to come from ‘bills@britishgas.co.uk’ and we’ve warned customers that this is not a genuine email.

If any of our customers are concerned about a suspect phishing email they can send it as an attachment to phishing@centrica.com so we can look into it further”

We’d encourage anyone who’s seen the scam to send a screenshot to the email British Gas has provided. You can also make Action Fraud aware.

Which? News: 12 banks haven’t yet signed up to new scams protection code

If you think you’ve given a fraudster your bank details, contact your bank immediately. You should also change any passwords that may have been compromised as soon as possible.

You can view all our advice for spotting and reporting scams on our dedicated Consumer Rights site.

Are you a British Gas customer? If so, have you received this scam email?

Let us know in the comments if it’s turned up in your inbox, and help us warn as many people as possible.

Comments

This comment was removed at the request of the user

If you have an online account it will be easy to check that the information is false.

It’s about time that companies dealing with money were banned from including links in emails. It might be a convenience to have them but the are responsible for far too many scams. If it is necessary to contact a customer then simply ask them to log-in.

Robert Moore says:
5 November 2019

i have today recieved this gas over payment email and i am not even with british gas

Darren says:
6 November 2019

I received it and the worrying thing was the figure they quoted was very close to my balance ….. very very nearly fell for it until I checked the e mail address ….. scumbags

Steve C says:
16 December 2019

checking to source email address is mostly pointless – it is trivial (and in some cases necessary/useful) to use a different email address as the source.

Also be aware of checking the link you’re asked to click on. The use of ‘1’ (one) instead of ‘l’ (lower case L) can be hard to see in many default setups’ fonts, and even a legitimate looking one (such is www dot genuine address dot com) can be followed by characters which hide the full address (such as www dot genuineaddress dot com dot actuallyatnastydomain dot com)

Generally be aware of unsolicited requests for information and helpful people contacting you to give you something or save you from some sudden jeopardy (e.g. ‘we have detected fraud on your account – we just need the 3 digits from the back of your card to confirm it is you so we can discuss the matter…’)