Universal Credit Phishing Scam
A phishing scam that impersonates a benefits agency's Universal Credit or equivalent means-tested benefit system to steal login credentials, bank details, or personal identifying information.
Also known as: benefits portal phishing, welfare login phishing
Last reviewed: 5 July 2026
This scam typically arrives as a text message or email claiming there is a problem with the recipient's benefit claim: a missing document, a suspended payment, or an 'urgent' need to update bank details to avoid a delay. The message contains a link to a convincing fake login page styled after a real government benefits portal, designed to capture the victim's username, password, National Insurance or Social Security number, and banking information the moment they attempt to sign in.
Because millions of people rely on means-tested benefits for essential income, the threat of a suspended or delayed payment is highly effective at pushing victims to act quickly without scrutinizing the link. Once credentials are captured, scammers can attempt to redirect real payments to their own accounts, apply for additional benefits in the victim's name, or sell the harvested identity details on. Real benefits agencies do not ask claimants to 'confirm' bank details via a text-message link, and payment issues are always visible inside the official claimant portal or app, not delivered via unsolicited SMS.
Examples
- A text reads 'Your Universal Credit payment has been paused, verify your details within 24 hours' with a link to a spoofed login page.