E-mail this page E-mail this



PG&E/Atmos Phishing Scam


Phishing bait:   Billing statements from PG&E and Atmos Energy.

SCAM

Example:   [Collected via e-mail, January 2014]

Comment: I received 2 emails like this. I don't have an account with PGE, nor do I use gas. I didn't click, just in case that's how they get their info. Any insight will be appreciated.
 

PG&E ENERGY STATEMENT Account No: 441401665-1
Statement Date: 01/07/2014
Due Date: 02/01/2014

Your Account Summary

Amount Due on Previous Statement $344.70
Payment(s) Recieved Since Last Statement 0

Previous Unpaid Balance $344.70

Current Electric Charges $165.20
Current Gas Charges 49.20

To view your most recent bill, please click here. You must log-in to your account or register for an online account to view your statement.

Total Amount Due BY 02/01/2014 $559.70
 

Origins:   In January 2014, Internet users began receiving messages like the one reproduced above that purported to be energy statements (i.e., utility bills) from Pacific Gas and Electric Company (PG&E). Such messages included instructions for the recipients to follow a hyperlink or open an attachment in order to view their statements and/or register for an online account. These messages were intended to lure recipients, concerned about receiving unexpected bills, into attempting to view the referenced statements — a process which would lead them not to viewing a document but into launching an executable file.

Similar messages have been sent out in the name of Atmos Energy as well, and that company has posted a warning on their web site and advised customers that:
As an Atmos Energy e-Bill customer you are accustomed to receiving your monthly bill notice by email. We would like to inform you of a widespread email scam which portrays a bogus Atmos Energy bill. The emails have been sent to individuals nationwide including Atmos Energy customers.

The "phishing" message references a fake account number and contains links to fraudulant websites. The email provides links to mislead you in believing you are going to view your bill, learn more about natural gas or view bill inserts. Actually, the links lead you to a compromised website that hides malware. We are asking anyone who receives that deceptive email to delete it immediately and do not click on any links.
PG&E has also posted a warning on their site advising consumers to "Please be alert to an email scam using PG&E's name," with a link to an article about confirming contact from PG&E:
Individuals and companies are posing as PG&E employees or contractors to gain access to your account information or entry into your home. Here are ways to protect your home or business.

You should always ask to see identification before allowing anyone claiming to be a PG&E representative inside their home. PG&E employees always carry their identification and are always willing to show it to you.

If a person claiming to be a PG&E employee has identification and you still feel uncomfortable, call PG&E's customer service line at 1-800-PGE-5000 to verify an appointment and/or PG&E's presence in the community.

If you have an appointment with PG&E, you will receive an automated call back within 48 hours prior to a scheduled visit, or a personal call from a PG&E service representative prior to a scheduled visit.

If you have concerns about the legitimacy of a call you have received about a past due bill, a service request or a request for personal information, call PG&E immediately at 1-800-743-5000.

PG&E's Credit Department will never ask for personal information, a credit card number or a gift card number over the phone. If you have received such a phone call and provided credit card or checking account information should report it immediately to the credit card company or bank and law enforcement.

Last updated:   9 January 2014

Urban Legends Reference Pages © 1995-2014 by snopes.com.
This material may not be reproduced without permission.
snopes and the snopes.com logo are registered service marks of snopes.com.