Martin Lewis has shared a warning to any one who has received a text from the Metropolitan Police - including people from outside London. The financial expert urged anyone who had been contacted by the force in the form of a letter or text on Wednesday, April 14 to not ignore it an take action.

The London-based police force is contacting 25,000 people across the country whose personal data may have been harvested by fraudsters. The operation used a sophicticated service to spoof legitimate websites, such as the postal service, banks and healthcare providers. The scam has since been shut down, but there are fears it could leave people vulnerable to further fraud.

Posting on X, Martin Lewis said: "Pls share. If you got a text from @metpoliceuk today or get a letter over next few days, DON'T ignore it (even if not in London) It's likely a warning your data may've been harvested by fraudsters. Here's how to check if the text/letter is genuine..."

Read more:

With the warning was a link to the MoneySavingExpert website, explaining the scam and how to ensure the message you received it legitimate. MSE says there are four ways to tell the letter or text you have received is from the Met:

  • Texts and emails were sent between 4pm and 6pm on Wednesday, April 17 ONLY. If the message was sent outside these hours, or on a different day, MSE says it could be a scam and it is best to ignore it.
  • Letters were posted first-class on Wednesday, April 17. If you received the letter yesterday, or one comes through in the next couple of days but was SENT on Wednesday, it's very likely legit. Anything outside of this should be cause for concern.
  • The correspondence will say which website the scammers impersonated to get your details. MSE says: "The fraudulent website may have looked like a company you recognise – such as your bank, mobile phone provider or another trusted organisation – and would have encouraged you to enter personal information, such as your email address, phone number or bank details."
  • Genuine texts and emails from the Met will NOT contain any links or attachments. If you spot these, don't open them as they could be fraudulent.

The scam operated on a website known as 'LabHost'. It was set up in 2021 and, according to the Met, it was used by more than 2,000 criminals to defraud victims across the globe. Some have already been arrested and some are the focus of ongoing investigations.

If you are contacted by the Met, it means fraudsters obtained some of your information through a 'phishing' website, designed to get you to give up some personal details. The Metropolitan Police recommends taking a few important steps to protect yourself.

  • Change your online passwords for all sensitive accounts, including online banking and email. Use unique and hard to guess passwords and consider using a password manager to keep track. For more advice, see the Government's Stop! Think Fraud guidance.
  • Check your bank and credit cards for suspicious activity. You can also contact the company involved directly for more help and advice. MSE also recommends checking your credit score, as scammers can use your information to apply for credit in your name.
  • Be extremely suspicious about call your get from the bank or police. Fraudsters can use information gathered on phishing sites to gain your trust in following calls and they can fake caller ID. Genuine service providers will never call to ask you to transfer money, share personal details or give over control remotely to your computer.