Stay informed about cyber awareness training topics and mitigate risk in your organisation.

Scam of the Week – Warning over Thomas Cook Refund Scam

Thomas Cook Refund Scam

Fraudsters keen to capitalise on the collapse of Thomas Cook have already started targeting customers with telephone refund scams.

The historic travel firm went bust on Sunday evening, leaving 160,000 holidaymakers stranded abroad and 20,000 employees without a job.

Around a million people are believed to have had holidays cancelled as a result of the firm’s collapse, which has created a window of opportunity for fraudsters to swindle customers out of money.

The crooks claim to offer refunds to people who have lost money from the cancellation of flights and holidays, but rather than reimburse them, the fraudsters are stealing their financial details and clearing out their bank accounts.

Hundreds of people across the country have reported receiving phone calls from someone claiming to be from Thomas Cook offering an immediate refund to their account. However, many of the individuals haven’t even booked a holiday with the company, suggesting the crooks are cold-calling and casting their nets as wide as possible.

Worried individuals have taken to social media to warn others about the scam and detail their experiences.

A spokesperson for the Official Receiver, the body managing the closure of Thomas Cook, said: “We are aware of Thomas Cook customers being offered refunds in exchange for an upfront payment and bank details. Do not engage with these offers and report them immediately to the Official Receiver and Action Fraud UK.”

To avoid being scammed by a fraudster:

  • Be wary of phone calls from unknown numbers – If a call comes out of the blue from a number you’re not familiar with, treat the call as suspicious.
  • Never give out personal information over the phone – Legitimate organisations will never ask you to disclose personal information such as your bank account details, pin or passwords over the phone.
  • Be wary of phone spoofing – Criminals have access to sophisticated technology that can make a telephone number appear genuine, not their actual caller ID.
  • Hang up – If you’re feeling intimidated or harassed by the call, hang up immediately. A common tactic is to create a sense of urgency to pressurise the victim into handing over their personal details.
  • Ring the organisation directly – If you think the phone call is a scam then hang up the phone and ring the organisation directly. Source the official number yourself and never call back using the number the caller has given you.

The Civil Aviation Authority (CAA) has set up a dedicated website providing customers with advice on what to do next. Many of the affected customers will be able to claim cashback through the Air Travel Organiser’s Licence (ATOL) scheme.

ATOL is a Government guaranteed protection scheme for UK tour operators and protects over 28 million consumers each year. This includes if a company goes into liquidation before or after a customer’s trip.

If you think you have been a victim of fraud, report it to Action Fraud on 0300 123 2040 or via

MetaPhish has been designed to provide the first line of defence against phishing and ransomware attacks. Contact us for further information on how we can help protect your business from this growing threat.

about the author

sharing is caring

Share on linkedin
Share on twitter
Share on facebook

you might enjoy reading these

UK GDPR Series Available Now

Privacy is an ongoing concern for every organisation, however, the notion of consent isn’t without its complications. To help organisations navigate data protection protocols, we
Read More »

Seasonal Phishing Templates

Phishing is a year-round activity for cybercriminals, and just like retailers, they use seasonal events as an opportunity to cash in. Seasonal occasions, including St
Read More »

Request Demo

The personal information that you provide to us in this form will only ever be used by MetaCompliance (as the Data Controller) for the following specifically defined purposes:

  • email you content that you have requested from us
  • with your consent, occasionally email you with targeted information regarding our service offerings
  • continually honour any opt-out request you submit in the future
  • comply with any of our legal and/or regulatory obligations