Serious word of warning: Scam phishing emails claiming to be from British Gas will immobilise your computer…
Apparently they were first reported on the 16th August 2016 and have since been making their way across the internet. Rather disappointing that we haven’t heard any national announcements/notifications from British Gas about this seeing as there rather more sinister than a basic scam email. British Gas do have a post about it on their website but that’s of no use to anyone who doesn’t search for these things beforehand.
It’s a lot more concerning than most phishing emails though as they (the scammers) don’t just want to just scam you out of money…
these pesky toe rags want to hold your computer to ransom whilst doing so!
Basically, the fake email pretending to be from British Gas includes a link to where you can download your bill.
Upon clicking this link it takes you to a page presenting itself as being British Gas, see pic below for the screenshot of fake British Gas Website:-
Unfortunately they forgot to allow for the regional language when coding their fake website and the search box (circled top right) is showing in another language. They also had a reasonably believable domain name of britishgasbill.com.
Unfortunately for them they forgot to use the domain for their phishing emails (probably already blocked, however the domain is still live) and instead chose ones which look extremely false. In fact I have received two, both with completely different email address’s of which I’m suspecting they are spoofing somewhat… I won’t list them as they could be someones real email and they wouldn’t appreciate that.
The fake British Gas website then:-
asks you to do a security conformation before downloading your bill.
Surprise surprise the downloaded file is a .zip (compressed archive file) called “BritishGas_Bill.zip”. What this means is that it will bypass your computer security software because the program inside isn’t formatted as such so is not easily identifiable, and even if you scan the file once downloaded then it probably still won’t set any alarm bells off.
It’s only once you extract the file that you will wish you hadn’t. The malicious program is initiated and proceeds to:-
lock your computer up and demands you make a payment before it is unlocked again.
If you have already been had by this then you can report it to the ACTION FRAUD website, or help them by forwarding your email to them for investigation, you can find more info at the following address:
To see how to spot a fake email then just read my other blog from a while back on the HMRC phishing emails which can be found here.
Well, that’s it for now so just be aware… be very aware!