Currys sends warning to all customers

READ MORE: Marks and Spencer's 'versatile' £39 bomber jacket is 'perfect' for unpredictable Spring weather, say reviewers

According to experts at secure card payments provider, Dojo, the scams are becoming more frequent, and are starting to target consumers daily, with some consumers receiving the same scam multiple times a week. Whilst at first, it may look legitimate with branding, there are numerous red flags that consumers should be aware of.

Firstly, the website address and email aren’t coming from Currys’ official domain, and the currency is in dollars. There is also a timer that warns the offer will disappear, to add time pressure on victims to encourage them to fill out the survey and input personal details. Having acquired the stolen card details, scammers are then using them to make lavish online purchases, and empty bank accounts, causing a huge financial and psychological impact on victims.

A spokesperson from Currys warned: "I can confirm that these phishing emails were not sent by us, and appear to be part of a fraudulent operation where criminals are using household brand names such as Currys, to defraud members of the public. We are doing all we can to try and stop these scams and would strongly urge members of the public to report any receipt of such emails to Action Fraud, as well as marking them as ‘phishing’ in your inbox. Additionally, we also recommend that any members of the public who are concerned by a ‘competition win’ email, text, or phone call, refer to the Citizen’s Advice resource for identifying scams.

"We have robust security measures in place and are continually monitoring our systems for third-party threats or data loss. We also provide all staff with regular training on data security, and would like to assure you we take the security of our customers’ data very seriously.

"Whilst this is largely out of our control, please accept our sincerest apologies for any potential inconvenience or harm caused. If customers are in any doubt about the veracity of an email they receive purporting to be from Currys, we recommend that they take extreme vigilance and get in touch with our customer services teams directly to check the email’s authenticity with a member of the Currys team."

Naveed Islam, Chief Information Security Officer, at Dojo, said: "A key warning sign for a scam is to entice consumers with free items that are just too good to be true. Quite often, these offers will be time-limited to cause extra pressure on victims to enter their payment card or bank details without necessarily double-checking the legitimacy of the offer, and this is what we can see in this scam.

"With the scam impersonating well-known retailers like Currys, consumers should be extremely vigilant with any offers that they see in their inbox or on social media. If you have fallen victim to a scam, contact your bank immediately to suspend your card and account. Your bank or building society will then be able to provide specialist support from their scam unit.

"Ultimately, if you have any doubt about the authenticity of a text message or email, it’s probably a scam. Take a minute to think about the message; were you expecting it, have you checked for spelling mistakes and double-checked the sender's address? If the email address from the sender doesn’t look like it’s from a genuine address, don’t click on it. If you think it is a scam, you can forward the email as an attachment to Action Fraud who will investigate, or alternatively forward it to report@phishing.gov.uk. You can also forward any suspicious SMS for free to 7726 and both services are provided by the UK government, for free."

How to spot a phishing email

You should always consider the below before inputting your card details into any website, clicking on an email or following a text message link:

• Check the sender’s email address - Often scammers will use a suspicious email address that includes words that don’t relate to the company they impersonate or lots of numbers.
• Check for poor spelling and grammar, or mistakes in the company’s name - Although some fraudulent emails are highly sophisticated, many of them can be poorly worded and there are some tell-tale signs they’re not legitimate.
• Check the formatting of the email - A lot of companies send legitimate emails from a templated third-party system. Your favourite brands will often spend a lot of money making their emails branded and it can be difficult for scammers to replicate these email templates. So if you see plain-text emails with no branding – or brand logos replicated in low resolution, look back at your inbox to see if this matches the company’s typical communication designs.
• Don’t rush to action their demands - Often scammers thrive from creating a sense of urgency and panic in the recipient. They will use scare tactics or threatening language to make you rush into doing something. Whether it's clicking a suspicious link or providing your personal data, you should take some time to review the email and research its legitimacy before taking any action. If you’ve already clicked the link, check the URL straight away and do not log in anywhere as scammers can capture your details to take over your account.
• Never send sensitive data via emails or online links from emails or SMS - If you suspect you’ve been sent a phishing email, do not click on it and try not to open it at all - especially if you’re using your work email. Scammers often leave malicious links within the email that once clicked allow them to enter your computer’s system. If you accidentally click on one of these emails you should change your passwords immediately and check your bank accounts regularly to make sure no money has disappeared. If this happens you should alert your bank immediately and they will guide you on further action. If you’re concerned about your work email account or laptop, you should contact your information security team straight away and flag your concerns. It’s always better to be cautious and vigilant when dealing with online security.
• Contact the company implicated- Whether you’re unsure, or you’re totally convinced that you’ve received a scam email pretending to be a company, reach out to that company to inform them and see further information. They will be able to let you know within an instant if the communication you received was legitimate. And often large brands will have dedicated teams investigating frauds affecting their customer base and damaging their brand reputation, so they will undoubtedly appreciate any information you can provide that can stop these fraudulent activities going forward.

READ NEXT:

• Beauty fans say £30 Boots box containing £164-worth of make-up is so high-end, they'd happily pay a lot more

• Fashion fans rush to buy 'perfect and flattering' £39 Marks and Spencer Spring dress after seeing it on Holly Willoughby

• Beauty fans say 'magic' £10 Boots anti-ageing serum works SO fast it's a 'beauty sleep in a bottle'

• Aldi shoppers praise 'dreamy' £25 furniture Special Buy that instantly transforms any garden into a 'haven'

• 51-year-old Amanda Holden strips down to her underwear as BGT auditions begin following David Walliams axe