Fraudsters may pretend to be legitimate companies, like energy providers or the government, to trick people into handing over their money or personal details. For example, with the fake offer of an energy rebate or cost-of-living payment. Then the criminals can use your details to steal your money or to commit further fraud.

We’ve listed some of the most common scams, so you know what to watch out for. Different scams might crop up as new cost-of-living schemes are launched, but the advice is often the same: stop and think before handing over your personal details, clicking on a link, or sending a payment.

"Criminals might try to panic you or lure you into acting quickly. Never be afraid to stop and challenge."

Kirsty McStay, Financial Crime Officer, Triodos Bank

Energy bill rebates

Scammers have been taking advantage of rising energy bills by sending phishing messages pretending to offer energy rebates. Many of these scams capitalised on the roll out of the government’s £400 Energy Bill Support Scheme.

Criminals are adept at spoofing emails and messages, so it may look as though they’ve come from your energy provider or the government. They may even call you up and can even spoof the telephone number of legitimate companies.

An example of a phishing message

The messages may vary, but they may ask you to check if you’re entitled to a rebate, or to register for a rebate by clicking on the link. These links then lead to genuine looking websites set up to steal personal and financial information.

Phishing messages

Phishing messages are designed to appear as though they are from a legitimate source (like a bank, HMRC or another well-known organisation), but intend to steal personal information that can be used to access your account. The most common phishing method encourages victims to visit a malicious website through a fake email or text message.

More on phishing

In some cases, scammers will then ask people to register for the payment by entering their personal information and bank details. These are then used to steal money and comment further fraud. In some cases, they may do this by calling the victim of the phish, pretending to be their bank. They will use the personal or financial details that they’ve already taken to convince them of this, and to manipulate the person into handing over further details or money.

Impersonation fraud

Fraudsters may pretend to be from trustworthy and well-known companies, like BT, Microsoft or Amazon. They may even pretend to be your bank or the police. Their aim is to convince you to share your personal or bank details, or to ask you to download malicious software.

You will not need to apply for the Energy Bill Support Scheme or be asked for your bank details to receive the payment. Be suspicious of any messages asking you to register for an energy rebate or to supply your bank details.

Cost-of-living payments 

The Department for Work and Pensions (DWP) has announced that cost-of-living payments will be made between Spring 2023 and Spring 2024 to help support people financially. But with this, they’ve also warned of scams from criminals asking people to apply for these payments.

These scams often work in a similar way to energy rebate scams. Except in this case, the scammers may pretend to be the DWP or another organisation offering to help with cost-of-living payments. But again, avoid clicking on links in messages as they may take you to malicious websites designed to steal your personal information and banking details.

If you’re eligible for cost-of-living payments, you won’t need to apply for the payment or contact the DWP directly. Payment will be made for you automatically in the way you usually get your benefits or tax credits. Visit the correct organisations website when applying for benefits rather than clicking on a link in a message you're not sure about.

Fake vouchers, discounts and offers

Fraudsters are taking advantage of rising living costs with scams which claim to help you save money on essentials.

Laptop screen showing shopping basket and order now icon
Be cautious of deals that seem too good to be true.

According to Action Fraud, there has been a rise in phishing emails claiming to provide savings on energy bills, as well as offering fuel vouchers, phone bill discounts and supermarket offers. Scams may also come in the form of spoofed adverts on social media or websites, offering deals or giveaways. These adverts may mimic well-known supermarkets and brands, but in fact lead to other websites designed to steal your details.

Remember: If you see an offer, don’t click on the link or advert itself. Instead, check the brand’s official website or social media to see whether the offer is authentic. And remember, if an offer seems too good to be true, it probably is.

How to protect yourself

Don't

  • Share your bank or card details over the phone, by email, or by message.
  • Click on links or attachments included in unsolicited emails or messages.
  • Assume that an email, phone call or text message is authentic.

Do

  • Check email addresses, phone numbers and URLs to see if they look suspicious.
  • Visit the organisations website by searching your browser rather than clicking on a link or advert.
  • Call companies back using the number on their website to confirm whether a message is genuine.
  • If you think you’ve fallen victim to a phishing scam, contact your bank straight away to report it.

What we’ll never do

To help you spot fraud, we’d also like you to know the things we’d never do. We will never contact you out of the blue to ask you:

  • for your digipass PIN
  • for your card number or PIN
  • for your mobile app passcode
  • to transfer money out of your account
  • to click a link in an email to our internet banking

If in doubt, call us on the number on our website, or delete the email without opening it.

Be fraud aware - what are phishing, smishing and vishing?

Many of the scams in this article are forms of phishing messages. Read our article phishing article to learn how fraudsters use them as a way to get personal details and money, or to install malicious malware.