Fraudsters are spamming fake British Gas utility bill emails that link to a virus that takes over victim’s computers.
Action Fraud has received hundreds of reports of these emails cleverly designed to look like a seemingly harmless utility bill. The emails contain links that take people to a website where they are told to download a file in order to view their bill. After downloading the file, the virus locks you out of your computer and then directs you to an online payment page.
British Gas say that their emails will always be personalized and will often quote your British Gas account number (where the email relates specifically to your account) and will only provide links back to the britishgas.co.uk website.
Protection / prevention advice
Having up-to-date virus protection is essential; however it will not always prevent you from becoming infected.
Please consider the following tips:
- Make sure that your internet browser and any plug-ins (e.g. Flash, Java, Silverlight) are up-to-date
- Don’t click on links or open attachments from unknown email addresses. Remember that fraudsters can ‘spoof’ an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of any such link or attachment.
- Please visit the British Gas website directly and log in from there to check utility bills. Do not use the purported link provided in suspicious emails.
- Avoid logging into your email account from a public computer (e.g. at a hotel or internet cafe) as it could be infected with spyware. Additionally don’t connect to unsecured public Wi-Fi, use mobile data services such as 4G to access your accounts instead.
- Create regular backups of your important files to an external hard drive, memory stick or online storage provider. It’s important that the device you back up to isn’t left connected to your computer as any malware infection could spread to that too.
- Don't pay extortion demands as this only feeds into criminals' hands, and there's no guarantee that access to your files will be restored if you do pay.
If you have been affected by this, or any other scam, report it to Action Fraud by calling 0300 123 2040, or visiting www.actionfraud.police.uk