As winter approaches, scammers are taking advantage of the season to target senior British residents with fraudulent “winter heating allowance” and “cost of living support” scam texts. These texts often direct recipients to fake websites that collect sensitive personal and payment information.
This scam campaign is especially concerning due to the UK government’s recent changes to the Winter Fuel Payments program, which has reduced the number of pensioners eligible for heating support, creating a perfect opportunity for scammers to exploit confusion around these changes.
Each year, the UK government provides Winter Fuel Payments to help pensioners cover heating costs. However, the government recently announced cuts to the program, reducing the number of eligible pensioners by about 1.5 million.
This reduction follows a decision to tighten eligibility criteria, which affected a large number of the 11.4 million pensioners who received payments last year. As a result, scammers have seized on the uncertainty and confusion surrounding these cuts to lure people into providing their personal and financial details under the guise of offering government support.
The scam texts urge recipients to act quickly, claiming they must fill out an application form by a certain deadline to receive the winter fuel payment. One such text warned that the application deadline was November 12 and directed the recipient to click a link leading to a lookalike GOV.UK page.
These phishing websites mimic official government sites and ask for personal and payment information, tricking unsuspecting users into sharing their sensitive data. The scammers even attempt to make the page look legitimate by using similar web addresses and design elements.
A cybersecurity researcher tracking the campaign discovered 597 unique domains related to the scam. Many of these domains use shortened links from services like TinyURL, which redirect users to fraudulent websites hosted on suspicious domains, such as noticesgove[.]top.
Interestingly, these phishing websites are designed to work only on mobile devices. When accessed from a desktop, users are presented with a page that claims the domain is for sale, further revealing the fraudulent nature of the operation.
The UK’s Regional Organised Crime Unit (ROCU) has issued a warning to pensioners about these scam texts. They advise that people should be cautious of unsolicited messages offering heating subsidies or other government support.
The police unit emphasizes that these scams attempt to gather personal details or prompt payments through fake websites. Victims of such scams are encouraged to report the incident to authorities, such as the National Cyber Security Centre or Action Fraud, and to forward suspicious texts to 7726, which alerts mobile service providers to investigate further.