By clicking a retailer link you consent to third party cookies that track your onward journey. If you make a purchase, Which? will receive an affiliate commission which supports our mission to be the UK's consumer champion.

Shoppers targeted with a fake Tesco refund email

A Tesco email scam offers compensation for a failed refund, find how to spot it
Tesco shop front

An email claiming that you're due compensation from Tesco 'because of a system error' has been confirmed as a fake by the supermarket.

The phishing email claims that you made a complaint in-store that 'something was wrong with a purchased item' and because of a 'system error' you were stopped from receiving a refund.

It goes on to say that in order to get the refund you need to validate your email address by following a suspicious link.

Tesco phishing email

Unlike other phishing attempts we've seen, this message didn't have any branding and used random employee names to try to appear real. In a bid to make the email scam seem more personable this fake Tesco email claims to be sent by 'Polly Gallagher, Regional Response Administrator'.

Example of the email claiming you're due a refund because of a system error

The email isn't sophisticated, the scammer doesn't even reference Tesco in the email copy. We only found out it was related to the supermarket following a quick search of the address on Google Maps.

The email claims to be from Tesco employee 'Polly Gallagher'

Recipients may find themselves confused by the contact and be tempted to respond to the email, playing into the hands of the scammers.

Dismiss this email if it appears in your inbox.

How to spot a scam email

Here are a few tips on how you can spot a scam email:

  • It's an email you weren't expecting - this could be a surprise refund, an unexpected bill or you've won a competition you don't remember entering.
  • You're being asked to take urgent action - in this phishing email, the scammer wants you to reply to the email. If you're unsure whether the email is genuine or not, contact the impersonated company using its official contact channels, which can usually be found on its website.
  • You're being asked for personal or financial details - most genuine companies won't ask for this information to be given over email, and if they do then it's safer to contact the company directly using an official customer telephone number.

When we made Tesco aware of the scam email being sent in its name, it confirmed the email was fake. Tesco said:

'We don't want anyone to fall victim to these types of scams. To help customers, we have a dedicated page which gives helpful tips on how to spot and avoid scams online.

'If you receive an email that appears to be a scam, you should report it to phishing@tesco.com and then delete it without responding.'

What to do when you receive a scam email

If you think you've received a potential scam email don't click on any links in the email as doing so might share personal information with scammers. Don't be tempted to reply to, or contact the sender.

If you have clicked on a link, don't fill out any forms or give away any details that could be used by scammers and don't open any email attachments.

If you think you've been targeted by a scam, find out how to report a scam and how to protect yourself from scams.

If you've come across an example of a scam, you can share it with us by using our Scams sharer tool.