Kingsley Village
in the heart of Cheshire

Message sent by
Ian Harding (Police, PC, Chester LPU PC)



The information contained within this alert is based on a number of reports made to Action Fraud. The purpose of this alert is to increase awareness of this type of ransomware, which can occur when a British Gas bill email is opened. We are raising awareness of this ransomware to members of the public, regional police forces, businesses and governmental agencies to help people stop themselves and others becoming victims.


Fraudsters are spamming fake British Gas utility bill emails that link to a virus that takes over victim’s computers.

Action Fraud has received hundreds of reports of these emails cleverly designed to look like a seemingly harmless utility bill. The emails contain links that take people to a website where they are told to download a file in order to view their bill. After downloading the file, the virus locks you out of your computer and then directs you to an online payment page.

British Gas say that their emails will always be personalized and will often quote your British Gas account number (where the email relates specifically to your account) and will only provide links back to the website.


Having up-to-date virus protection is essential; however it will not always prevent you from becoming infected.

Please consider the following tips:

 Make sure that your internet browser and any plug-ins (e.g. Flash, Java, Silverlight) are up-to-date

 Don’t click on links or open attachments from unknown email addresses. Remember that fraudsters can ‘spoof’ an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of any such link or attachment.

 Please visit the British Gas website directly and log in from there to check utility bills. Do not use the purported link provided in suspicious emails.

 Avoid logging into your email account from a public computer (e.g. at a hotel or internet cafe) as it could be infected with spyware. Additionally don’t connect to unsecured public Wi-Fi, use mobile data services such as 4G to access your accounts instead.

 Create regular backups of your important files to an external hard drive, memory stick or online storage provider. It’s important that the device you back up to isn’t left connected to your computer as any malware infection could spread to that too.

 Don't pay extortion demands as this only feeds into criminals' hands, and there's no guarantee that access to your files will be restored if you do pay.

 If you have been affected by this, or any other scam, report it to Action Fraud by calling 0300 123 2040, or visiting


The NFIB needs feedback from our readers to evaluate the quality of our products and to inform our prioritiesPlease would you complete the following NFIB feedback survey through: This should take you no more than 2 minutes to complete. If you have other feedback or additional information that you would prefer to provide by email please send to This email address is being protected from spambots. You need JavaScript enabled to view




Find us on Facebook

Latest Events

Click here for full calendar