The identities of a number of music festivals here and abroad (including the Wilkswood Reggae Festival) have been exploited by an email phishing scam. Unsolicited emails are being sent to artists confirming a performance slot at the festival and offering a performance fee and travel costs (in US $). The emails request that the artist provide details of work visas and other personal details and then often request a deposit to cover administration and travel fees. The scammers are using spoof email addresses but the email will appear to come from the festival organisers. So far several artists in America and Jamaica have reported having received such emails.
We would like to confirm that neither the Wilkswood Reggae Festival nor the festival organisers, Dubwood Productions, will book artists and offer performance fees and travel costs in this unsolicited way.
Only emails ending in @dubwood.co.uk will ever be used in any correspondence. Please use the following email addresses in all communication with the festival:
General enquiries: email@example.com
It seems there’s little we can do to prevent what is essentially ‘identity theft’ other than to make as many of you aware of the issue as possible and report the matter to the relevant authorities. Be reassured that the festival website and domain has not been compromised in any way and that the emails do not contain malware but it’s worth reiterating that you should always take your personal online security very seriously. Cybercrime is ever increasing so always remain extra vigilant when responding to emails or making online purchases.
PLEASE DO NOT RESPOND TO ANY SUSPICIOUS EMAILS. IF IT SEEMS TOO GOOD TO BE TRUE, IT PROBABLY IS!
This might all seem obvious but if you receive a suspicious email purporting to be from the Wilkswood Reggae Festival:
- Check that the ‘From’ email address ends in ‘@dubwood.co.uk’.
- Do not reply to the email.
- Do not click on any attachments.
- Forward the email to firstname.lastname@example.org, noting your concerns.
- Report the email to your email service provider (e.g. Hotmail, Yahoo, Gmail, etc) as phishing. Some providers have the option to send the email to a specialist phishing address.
You can get more information about online fraud from ActionFraud.