Fraudsters are posing as the energy regulator to dupe the public into handing over personal and payment details, Which? has learned.
Emails using the Ofgem logo claim to offer an 'energy bill rebate scheme' worth up to £450 per household, directing recipients to a fake online portal. There, victims are urged to share personal and payment details in order to claim their refund.
The fake website - rebate-ofgem.com - was registered just days ago, but has already prompted urgent warnings from the real Ofgem.
The deceptive email comes from - firstname.lastname@example.org - and informs you that 'you are eligible to apply for [sic] energy bill rebate'. It claims you have until the 1 June 2022 to apply and to claim the rebate you must click a link in the email, which takes you to a fake site.
On arriving at the fake site, victims are confronted with a webform in order to 'set up a direct debit', which initially requests your full name, date of birth and email address.
For the purposes of this investigation, Which? filled in the webform using some false details and found we were further prompted to enter our:
Anyone providing these details to the scam site is likely to find their card fraudulently debited and would also be at grave risk of their identity and online accounts being taken over.
Both Which? and Ofgem have reported this scam website to the National Cyber Security Centre (NCSC). Which? has also reported it to its domain registrar, but at the time of writing, it remains live.
. Local authorities are administering the rebates and the Local Government Association said councils won’t ask for bank details over the phone. We’ve also seen variations of energy rebate scams being sent by email and text message. Rebates will be issued directly to those who pay via direct debit, if you don’t pay this way then you’ll be contacted via a letter to explain how to claim.