Scam Ofgem email is luring victims with fake energy refunds, warns Which?

Consumer group Which? has issued a warning about scammers posing as the energy regulator Ofgem to dupe people into handing over personal and payment details.

Emails using the Ofgem logo and branding claim to offer an ‘energy bill rebate scheme’, directing recipients to a fake online portal. There, victims are urged to share personal and payment details in order to claim their refund.

ake Ofgem email offering an energy rebate

Bogus emails inform recipients that you can ‘get your rebate via the Ofgem portal’ by clicking a link that takes you to a fake site.

Which? said: “Capitalising on the government’s cost of living energy measures, the email explains that you claim a £200 discount on energy bills this Autumn and a £500 Council Tax Rebate. It also claims that you have to apply before September.”

“While this email appears to come from Ofgem, if you examine the sender’s email you can see that the address has been spoofed. ”

Fake emails Which? has seen come from:

• info@rebate-ogem.com
• info@totalsolutions24-7.co.uk
• reservations@expedicar.ro, and
• info@globalskyward.com.

“The link in the email directs you to a fake portal to harvest your details. The fake website – rebate-ofgem.com – prompted urgent warnings from the real Ofgem earlier this year.” The consumer watchdog said.

Copycat Ofgem website asking for personal detail

On arriving at the fake site, victims are confronted with a webform in order to ‘set up a direct debit’, which initially requests your full name, date of birth and email address.

For the purposes of this investigation, Which? filled in the webform using some false details and found we were further prompted to enter our:

• address and postcode
• email address
• phone number
• mother’s maiden name
• payment card details.

Which? said: “Anyone providing these details to the scam site is likely to find their card fraudulently debited and would also be at grave risk of their identity and online accounts being taken over.”

“Both Which? and Ofgem have reported this scam website to the National Cyber Security Centre (NCSC).”

“Which? has also seen examples of fake text messages impersonating the energy regulator.”

“One example claims you’re ‘eligible for a UK government funded £400.00 energy bill rebate’ and directs you ofgem.secure-reg.com to complete the application.”

“The website was blocked by our security filters as it was identified as a phishing website. Which? has reported this website to NCSC.”