Watch out for NEST pension phishing emails

Employers who have signed up to use NEST pensions as part of the auto-enrolment programme, should be aware that scammers are sending out emails purporting to be from NEST pensions, saying that an amount (far in excess of normal contributions) will be taken from the recipients bank account.

We understand that the email looks something like this and includes a Word format attachment.

"From: do_not_reply@nestpensions.org.uk [mailto:info@nestpensions114.top]

Sent: 09 February 2017 09:14

To: client@client.name

Subject: You've got a new message in your NEST mailbox

There's a new message in your NEST mailbox.

We're confirming that payment of 2922.82 will be taken by Direct Debit in accordance with your agreed terms.

Please see the details in attached file."

The amounts quoted are way in excess of the actual NEST pension contributions normally due, thereby encouraging a kneejerk reaction from the recipient to open the attachment.

NEST have confirmed that the messages are not genuine and should be deleted. In particular, do not open the attachment as this will, in all likelihood, unleash malware designed to steal personal or financial details from your system.

You can find out more on staying safe online in NEST’s guidance on their website.

LITRG have also produced a guide to protecting yourself online which looks in detail at ‘phishing’.

For guidance on auto-enrolment and NEST pensions see our website.

(22-02-2017)