We have been made aware of a fraudulent email purporting to come from one of the water wholesalers that we work with being sent to one of our customers. In this case, an email was sent to a business claiming to be from South West Water, with the subject South West Water LOA and an attached Word Document called ‘Letter of Authority by South West Water’. The fraudulent email offered discounted water if personal information, including names, addresses, and bank details, was entered.
This is known as phishing - where fraudsters fish for potential victims by sending emails, social media messages or text messages in the hope of persuading people to give out personal information. The fraudsters then use your details to steal your identity, or take the money you’ve paid and break all contact.
We would advise our customers to take the following advice from Action Fraud to protect themselves against phishing:
- Don’t assume anyone who’s sent you an email or text message – or has called your phone or left you a voicemail message – is who they say they are.
- If a phone call or voicemail, email or text message asks you to make a payment, log in to an online account or offers you a deal, be cautious.
- Make sure your spam filter is on your emails. If you find a suspicious email, mark it as spam and delete it to keep out similar emails in future.
- If in doubt, check it’s genuine by calling us direct on 0330 123 0205. Never call numbers or follow links provided in suspicious emails.
- Do not click on any links in the scam email.
- Do not reply to the email or contact the senders in any way. If you have clicked on a link in the email, do not supply any information on the website that may open.
- Do not open any attachments that arrive with the email.
Action Fraud lists the following as potential signs that an email is fraudulent:
- The sender’s email address doesn’t tally with the trusted organisation’s website address.
- The email is sent from a completely different address or a free web mail address.
- A sense of urgency; for example the threat that unless you act immediately your account may be closed.
- A prominent website link. These can be forged or seem very similar to the proper address, but even a single character’s difference means a different website.
- A request for personal information such as user name, password or bank details.
- The email contains spelling and grammatical errors.
- You weren't expecting to get an email from the company that appears to have sent it.
- The entire text of the email is contained within an image rather than the usual text format.
- The image contains an embedded hyperlink to a bogus site.
If you believe that you have been phished, report it to Action Fraud on 0300 123 2040 and us on 0330 123 0205.