New phishing emails impersonating the Aviva brand

What to look out for

Key points:

  • Reports of new phishing emails that look as if they’re from us.
  • These are designed to trick you into sharing sensitive information.
  • If you receive a fraudulent email, don’t click on it: report it to report@phishing.gov.uk
  • You can find out more by visting our Fraud Hub

Scammers tend to copy real brands and real products to make their emails appear legitimate and more convincing.

We regularly receive reports of phishing emails sent to members of the public, customers and firms like financial advisers, which look as though they have come from Aviva. Phishing is a type of social engineering where an attacker sends a fraudulent (e.g. fake or otherwise deceptive) message designed to trick a person into revealing sensitive information. They may also try to trick them into taking out investments that do not exist.

What to look out for

The phishing emails are sent from email addresses spoofing Aviva. They sometimes use the name of a genuine member of staff. The latest examples are coming from myavivasavings.com and claim to offer fixed rate products. Some of the scam emails look similar to our genuine Aviva Save communications. 

Example of investment scam email

A scam email mimicking Aviva Save promotes fake fixed-rate investments with ClearBank. Sent from “myavivasavings.com,” it uses terms like “stability” and “flexibility” to sound credible and lure recipients into engaging with the scam.

Example of phishing email posing as Aviva

A phishing email spoofing Aviva (from “mail-myaviva.com”) claims a secure message from Aviva awaits a reply. It targets financial firms, aiming to spark concern and trick recipients into sharing sensitive info or clicking malicious content.

Example of phishing email posing as Aviva MyMoney Customer Team

Please keep in mind that these phishing emails may use other fraudulent email domains spoofing Aviva.

A phishing email spoofing Aviva (from “mail-myavivaplc.com”) claims to be from a compliance team requesting firm details. It aims to trick recipients into confirming their email, potentially leading to data theft or further malicious contact.

Report fraud

If you think your Aviva policy or investment has been targeted by a fraudster, you can contact us to look into it.

What do I do next?

If you receive an email that you think may be suspicious, don't click on any links or respond to the email. Instead, report it to us via  our Fraud Hub. We also recommend that you:

  • Report it to report@phishing.gov.uk by forwarding the email or a screen shot of it. This service is provided by the National Cyber Security Centre, the UK government organisation that has the power to investigate and take down scam email addresses and websites.
  • Mark the email as junk and then delete it
  • If you think you've clicked on or responded to a fraudulent email, please follow the advice on the National Cyber Security Centre - if you've shared sensitive information

We are investigating this, and are taking action to shut down any fraudulent domains identified.

For more information on ways to spot and prevent fraud, visit our Fraud Hub. You can also find out more about online scams at the National Cyber Security Centre and Action Fraud sites.

More ways to protect your money

Making sure that you’re not a victim of fraud is one of our top priorities. It’s probably one of your top priorities too.

Read more tips and guides on how to keep your money secure on our fraud hub.