A scam email is doing the rounds claiming to be from Companies House.
Do not open this email, as it will download malware to infect your computer.
But there are some clues that this is a fake:
- The most obvious clue is the attachment – particularly the .doc extension on the attached file. This indicates an older version of a Microsoft Word document, which can easily incorporate a virus or software components to access your computer’s data.
- A genuine message from Companies House would involve logging onto your account via their official website. No public body, company or any other reputable organisation would ever send a secure message in an attachment – and certainly not in a Word document.
- The email address is not from the Companies House domain. Their real email address is email@example.com. Any email address ending in .gov.uk is a genuine government one – but not if other letters have been added to either the gov or uk part. But the scammers here are exploiting the fact that many people are aware .gov.uk is genuine by using cpgov.uk that looks similar enough to catch people out who are not looking closely. Even if it appeared to come from the genuine address above, that can be faked by the sender so you should not use take that as a sign it is genuinely from Companies House.
- The body of the email is blank. You would not expect a genuine email to have just an attachment with no accompanying text. Here scammers are playing on people’s curiosity to open the attachment and find out what it is about.
- The recipient of this particular email has no dealings with Companies House, so it was obviously it was not genuine. But this scam could, for example, have more easily convinced someone working for a business where they may have dealings with Companies House.
- Another clue in this particular instance is that it was received on an email address that had only ever been given to the Sunday Times Wine Club and had never been given to Companies House or any other organisation. The recipient of the email gives each organisation they have dealings with separate email addresses in order to help identify where data breaches occur.
You can report this type of email to Action Fraud.