Online scammers swindled more than a £1,000 from a charity and a Sidmouth woman by intercepting emails.

Sidmouth Herald: close up of hands of business person working on computer, man using internet and social mediaclose up of hands of business person working on computer, man using internet and social media (Image: Archant)

Lois Swarbrick is the treasurer for the road safety charity The Honest Truth, so when she received an £300 invoice from a supplier she thought nothing of it.

The 57-year-old had not realised that hackers had got into her email account and set up a forwarding system that intercepted emails that contained certain words. They doctored them, changing the bank details, but left the rest the same, making them seem legitimate.

On the first occasion scammers intercepted an email from a supplier for the charity which included an invoice for £300. The fraudsters altered the banking details and forwarded it back to Lois, who thought nothing of it and paid it from the charity’s account.

A week later they struck again doing the same when Lois’ friends emailed her with their bank details asking her to pay £950 for a holiday. Lois paid the money and contacted her friends to check they had received it. When they had not, alarm bells rang.

She said: “The invoice for the charity looked exactly how it should, but the bank details had been altered. Unless you were looking for it you would not know. The name on the email was the same but if you looked further the email account was a surreptitious email. It took a long time to work out what had happened. The supplier kept saying the payment had not been received but the money had gone out.

“The email my friends sent me looked fine and there was no reason to think it wasn’t them. My friends forwarded their original email to my husband and we realised the bank details were different.”

Lois said, because she’d paid it herself, the bank would not be able to retrieve the money unless the scammers had not withdrawn it.

She added: “The first time it was particularly upsetting because it wasn’t my money it was the charity’s, then to realised it happened again was devastating. When I started changing my passwords and email I realised how close I’d come to a third transaction for £5,000.”

Lois said she had no idea how they could have got into her account.

Lois said Action Fraud’s only advice to avoid scams like this was to be extra vigilante, have the most secure password and change it regularly.