554 words, approx. 2.5 minutes to read.

Scammers regularly find ways to pretend to be a reputable business, in an attempt to access your personal data. These types of scams is called ‘phishing’.

We have seen a number of these scams and want you to be aware of them.

Co-op £200 gift card pop up

There is an internet scam appearing to offer a Co-op gift card worth £200 if you click on a link and enter your personal details. The “offer” appears in a pop-up window in your browser and asks you to answer three shopping-related questions, then fill in your personal details. Here it is:

Safe-Image (1) Safe2 (1) Safe3 (1)

This is a clever and professional-looking pop-up, but it is not a genuine offer. If something looks too good to be true, it probably is, so when you see similar pop-up windows make sure you:

  • Examine the message closely for obvious signs of fraud such as poor spelling and grammar
  • Check the website address – if it looks odd, or different to the genuine retailer, close the pop-up immediately and check with the retailer
  • Ensure your antivirus is up to date and scan your computer for possible malware infections.

Co-op £100 gift voucher email

This email is quite authentic looking, but the main giveaway is the sender’s name and domain address.

The sender’s name and domain can be masked, so you can’t trust that alone. However, if you’re unsure, hover over or right click on the send name and look at the send properties, to see the email address it’s actually from.

Some email services e.g. Google Mail behave differently and depending on your settings you may be able to just hover over the email itself to see the real address.

Action Fraud offer this additional advice on spotting scam emails;

  • You weren’t expecting to get an email or attachment from the company that appears to have sent it
  • The sender’s email address doesn’t look the same as the real organisation’s website address
  • The email is sent from a completely different address or a free webmail address like Gmail or Hotmail
  • The email does not use your actual name, but uses a non-specific greeting like ‘dear customer’ (real companies are more likely to personalise the email)
  • A sense of urgency; for example the threat that unless you act immediately your account may be closed
  • The email may include a website link, which can be forged or seem very similar to the proper address, but even a single different character means a different website
  • A request for personal information such as username, password or bank details
  • The email may contain spelling and grammar errors, or strange language
  • The entire text of the email is contained within an image rather than the usual text format
  • The image contains an embedded hyperlink to a bogus site

What to do if you’re sent a scam email:

  • Don’t open any attachments or links in the email
  • Don’t reply to the email, contact the sender or fill in any information
  • Delete the email and then delete it from your trash too
  • Report any suspicious emails to Action Fraud
  • If you’re a Co-op colleague and you get suspicious emails to your work email address, forward them on, with the word ‘phishing’ in the subject line, to our Information Security team on spam@coop.co.uk, before deleting them

Christina Coutts
Information Security Education and Awareness Manager

Join the conversation! 5 Comments

  1. Thanks for letting us know. ^Mel

  2. I have received a few recently from ”Costumer Service” stating ”We pay your shoppings ”

  3. Hi I have received a letter not an email supposedly from you to say that I am owed a refund from 2016 ! the letter is signed by a Gary Hueting Chief Operating Officer
    Asking me to call 0330 018 3828
    To allow them to check my payment details so they can process the refund
    Please can you advise
    Lynda Allsopp

  4. what is your real email address though?

  5. Thanks, I have had three now from different countries!
    Hope your advice helps prevent frauds.


Leave a Reply