Phishing emails, which seem to be genuine have been recently targeting Electric Ireland customers. They give a genuine reason for clicking on the link included in the email and have been well written. The link brings the recipient to a phishing website that looks authentic. Even the request published on the website does not appear unreasonable.
For a customer to receive the refund, they must provided their banking information to allow the electricity company to complete a transfer. In order to prove their identity, current and former customers must supply proof of identity. The scammers request a scan of customers’ passports.
Other reports suggest that some customers have been issued links to fake websites that require them to disclose their mobile phone numbers along with security codes and passwords.
It is not yet known how the scammers have obtained the email addresses of Electric Ireland customers, as according to the utility company there has been no security violationand the database in which customer account information is stored remains safe. However, an audit is being completed by the company’s IT department to determine if any individual has logged onto its network or has otherwise gained access to customer data.
A Garda representative has confirmed that many Irish citizens have already being tricked by the Electric Ireland phishing scam and have said that fraudulent withdrawals have been made from their personal bank accounts.
The Electric Ireland phishing scam is one of a number of convincing campaigns to have been discovered in recent weeks. Hackers have become gifted at crafting emails and setting up malicious websites, and it can be difficult to determine whether a request is authentic or fake.
The Electric Ireland phishing scam may appear authentic, however legitimate companies would not issue emails requesting sensitive information of that nature to be shared over the Internet. It should also be noted that if a company has taken excess funds from a bank account to pay a bill, the company would be able to complete a refund directly to the same bank account. They would not ask for those details to be given again – nor request copies of ID, mobile phone numbers or passwords.
If any person has being tricked by the Electric Ireland phishing scam they should contact their bank quickly and place a block on their account. This will stop the criminals from making any fraudulent transfers. However, it may be too late for many customers to stop losses being incurred.
