CRUEL scammers masquerading online as council staff duped an elderly pensioner into falling for a ransomware attack disguised as an unpaid bill for her community alarm.

Irene Pollard, 86, told today how she automatically clicked a data theft link on an official-looking email because it had left her 'worried' she was in arrears for the lifeline service.

Mrs Pollard said: "I was stupid. I should have known that the bills come in by post and I'm still kicking myself for taking it as a genuine bill.

"I'm angry that someone thought I was stupid enough to fall for it."

It is feared the fraudsters could be targeting thousands of elderly and vulnerable people in the district with demands for money as part of a widespread trawl for personal and bank account details.

The emails are clearly designed to force victims into paying by threatening to disconnect their alarms if they don't stump up.

The fraudsters' front is made more believable because they are using the name of a real Inverclyde Council employee to help mask their callous intentions.

Community alarm bosses have urgently fired out letters to all 2,700 users of the vital service locally warning them about the clear and present danger and advising them on how to spot a scam.

As well as emails, the scammers have also obtained people's phone numbers and are calling them directly with con trick stories in a bid to fleece them.

Victim Mrs Pollard — who lost her husband, Ted, shortly before last Christmas — said: "The email said, 'Attached is your bill'. Of course I tried to download it because it worried me thinking I had a bill that I hadn't paid."

The scam emails — which have been reported to police — claim to be from the council's accounts department complete with an attached bogus bill for the community alarm.

They appear to be signed by 'Stephen Eardley' who is a bona fide local authority employee but does not work for the community alarm service and is not associated with the fraud.

Despite the lengths the criminals have gone to, they have made a glaring mistake because community alarms are the remit of Inverclyde Health and Social Care Partnership (HSCP), and not the council.

In a statement issued to the Telegraph, bosses say: "The emails also threaten that if the bill isn’t paid then the community alarm will be cut off.

"The fake caller tries to get the potential victim to reveal their personal and bank details."

The statement adds: "People who have received the emails have been told to click on a link to download their bill.

"It's suspected that clicking on the link will download malware or ransomware onto the computer.

"Malware allows the scammer to obtain sensitive data about bank accounts for example.

"Ransomware locks the computer or deletes files if the owner doesn't pay the scammer a ransom."

Councillor Michael McCormick, convener of the council's environmental and regeneration committee, said: "Anyone who is concerned about an email or letter that says it’s from the council should contact us right away.

"Some scams are very sophisticated and others are easy to spot.

"Scam emails often contain poor grammar or bad spelling and they try to rush you into acting.

"The key thing is never, ever click on a link or download an attachment in an email that has unexpectedly dropped into your inbox.

"This is how scammers smuggle viruses onto your computer."

Mrs Pollard said: "It was addressed to 'Dear Client' and I didn't think the language was quite right.

"Thankfully one of my friends had set up anti-virus software on my computer and it stopped the attachment from downloading."

Mrs Pollard added: "I'm worried that someone else might not be as lucky as me and not have a computer that is so protected from this kind of thing.

"It was when the 'bill' wouldn't download that I phoned the council to enquire about it, and I contacted the police afterwards.

"I would advise people to protect their computers as much as possible and heed the advice being given by the council."