We’ve received multiple reports of a fake email purporting to be from takeaway delivery service Just Eat. Here’s what you need to watch out for.
With so many people using takeaway delivery services during the pandemic it’s no surprise to see scammers looking to take advantage of those brands.
We know from experience that uncertainty around the ongoing pandemic is a magnet for fraud, with so many examples already shown here on Which? Conversation.
This fake Just Eat email may at first seem quite obviously illegitimate, but the email it was sent from has deceptively spoofed the ‘Just-Eat.com’ domain, which does itself redirect to the official site (https://www.justeattakeaway.com):
Attempting to ‘claim your £50 Just Eat gift card’ will almost certainly take you through to a phishing website that will attempt to steal sensitive information. Just Eat itself has confirmed that this email (and variations reported to it on Twitter) are fake:
Thanks for sharing this with us Allie, we can confirm that this isn't from us. At Just Eat, we take customer data and security seriously and would like to investigate, please do send a DM with any further details at your earliest convenience. ^EM https://t.co/iT5UsDSrLk
— Just Eat UK (@JustEatUK) February 7, 2021
We also made Just Eat aware of the email directly, a spokesperson said:
“Protecting our customers and brand from online fraud is of utmost importance to us and we take the safeguarding of customer data extremely seriously. We have been made aware of a phishing email that has been sent to a number of Just Eat customers and non-customers, and have taken immediate steps to mitigate this”
It also said it would never send an email asking a customer to follow a link and fill in their personal details in order to receive a voucher.
It emphasised that in no way have Just Eat’s systems been breached or compromised, but that anyone who may have clicked through should change their password and contact their bank, while reporting the incident to action fraud.
Phishing email advice
We agree that if you think you may have passed your bank details or any sensitive information to scammers, you should let your bank know immediately.
Our steps to getting your money back after a scam can be found here.
Anyone receiving phishing emails like this should report them to the National Cyber Security Centre on firstname.lastname@example.org
Suspicious emails can also be forwarded to Action Fraud on email@example.com
One of the most direct actions you can take immediately to ensure others do not fall victim to these scams is to share these warnings with friends and family.
Have you received this Just Eat phishing email? Have other takeaway delivery services been targeted? Let us know in the comments.