Stay informed about cyber awareness training topics and mitigate risk in your organisation.

Scam of the Week – Nectar Customers Targeted with Text Message Phishing Scam

Nectar has warned its 19 million customers about a new text message phishing scam aimed at stealing their personal data.

The text message appears to come from the official Nectar loyalty scheme and offers customers double points if they click on a link and log in to their online account.

The message informs cardholders that as it is the loyalty card’s 10th anniversary, they are entitled to the double points bonus.

Users believe they are following a legitimate link through to the Nectar Login page, but are in fact directed straight through to a phishing website set up to steal their personal information.

Image: Nectar Phishing Text

Scam of the Week - Nectar Customers Targeted with Text Message Phishing Scam

Source: This is Money

Nectar was quick to inform customers that the message is fraudulent and urged anyone who received the text not to click on the link but to delete the message immediately.

The company also said it was not its 10th anniversary and that the loyalty scheme was launched 16 years ago in 2002.

In response to the scam, Nectar released a statement: “Customers should always be mindful of phishing scams. After being alerted to a phishing message in circulation we immediately issued a warning advising customers it is not from Nectar and to delete it.

“Nectar will never ask a customer to reveal their password or ask for any financial details to access your account.  Look out for any emails that ask you to provide these types of details and when logging into Nectar, always make sure you see the green padlock in your browser bar.

Red flags to look out for on a suspicious email or text message include threatening language, a generic greeting, poor grammar, spelling mistakes, a mismatched URL, claims of prizes or a request for personal information. Legitimate businesses will never send emails or texts requesting you click on a link to enter or update personal data.

MetaPhish has been designed to provide the first line of defence against phishing and ransomware attacks. Contact us for further information on how we can help protect your business from this growing threat.

about the author

sharing is caring

Share on linkedin
Share on twitter
Share on facebook

you might enjoy reading these

UK GDPR Series Available Now

Privacy is an ongoing concern for every organisation, however, the notion of consent isn’t without its complications. To help organisations navigate data protection protocols, we
Read More »

Seasonal Phishing Templates

Phishing is a year-round activity for cybercriminals, and just like retailers, they use seasonal events as an opportunity to cash in. Seasonal occasions, including St
Read More »

Request Demo

The personal information that you provide to us in this form will only ever be used by MetaCompliance (as the Data Controller) for the following specifically defined purposes:

  • email you content that you have requested from us
  • with your consent, occasionally email you with targeted information regarding our service offerings
  • continually honour any opt-out request you submit in the future
  • comply with any of our legal and/or regulatory obligations