IT
arrow-down arrow-up

Have you received any suspicious communications?


The most common scams are carried out on the internet through e-mail or SMS messages, WhatsApp or Telegram to solicit false payments and/or steal personal data and access credentials.

The Enel Group is committed to combating phishing phenomena, scams and misleading communications that replicate in content and appearance the original ones sent to our customers. These communications contain obvious errors in form and/or text, to which maximum attention must be paid.

Always carefully check the sender and the content of any communications you receive.
Do not click on suspicious links or provide personal data without verifying the reliability of the source.
Beware of unexpected payment requests or messages urging you to take immediate action.

Please note that a scam is currently underway regarding power reduction related to electricity supply

 

Fake Enel operators are communicating a power reduction due to the non-payment of one or more bills, requesting immediate payment via non-Enel IBAN or QR code in order to restore power.

We are taking all necessary measures to prevent this from happening again.

We strongly advise not to make any payments to IBANs or QR codes received via email/message/phone.

 

Contact Enel through official channels: Spazio Enel, Spazio Enel Partner, Website, toll-free number 800900860.

Phishing, Smishing and Vishing: 3 types of fraudulent activity to watch out for.

Find out how to identify and protect yourself  

E-mail
SMS
Phone
QR CODE
Online frauds
Other tips

What is Phishing

The most widespread scam to date is called phishing, it consists in sending an e-mail with a similar appearance to those sent by Enel Energia.


It may contain a link which, after being clicked, requires the entry of passwords, codes and/or personal data, or a file which, once downloaded, automatically recovers private or confidential information.

In case of any suspicious communications, you should always pay attention:

  • to any communications not referring to previous requests;
  • to the sender's email address and the links present, Enel Energia's email addresses end with @enel.it (domain) and any links or connections (URL) contain “enel.it”;
  • to any requests for personal codes or confidential data (passwords, access codes, etc.) since Enel Energia never requests these codes;
  • to errors in display, layout, typing or terms translated into Italian incorrectly and/or approximately.

What is Smishing

The smishing is an attempted scam via SMS, WhatsApp or Telegram with a foreign number, unknown or unclear, which consists in sending a message to the recipient with the request to carry out a certain action urgently:

  • usually, the text invites the customer to contact a paid telephone number;
  • open a link for immediate access to a website.

 

In case of any suspicious communications received through these texts, you should always pay attention:

  • to the links present that refer to unofficial sites or to numbers other than the Enel Energia toll-free number 800.900.860;
  • to any communications not referring to previous requests;
  • to the sender's name: “Enel Energia” is the correct name;
  • to any requests for personal codes or confidential data (passwords, access codes, etc.) since Enel Energia never requests these codes;
  • to errors in display, layout, typing or terms translated into Italian incorrectly and/or approximately.

What is Vishing

Vishing is a telephone scam attempt.

The false calls come from anonymous or unknown numbers, often foreign. Fraudsters can pose as Enel Energia telephone operators and attempt to convince the customer to provide personal information or pay sums of money, with tones of urgency or criticality.
 

If you receive any suspicious calls, you should always pay attention:

  • to any communications not referring to previous requests;
  • to the authenticity of the caller: it is available on the enel.it website the service check who called you;
  • to any requests for personal codes or confidential data (passwords, access codes, etc.) since Enel Energia never requests these codes;
  • the reason for the call, the tone and behavior of the caller.

Quishing

QR Code Phishing, also known as Quishing, is a scam that uses QR codes to trick users and redirect them to fraudulent websites, dangerous links, or infected attachments.

By scanning a malicious QR code with a smartphone camera, the user can be taken to a fake page resembling Enel Energia’s website but with suspicious URL errors or elements.

Fraudsters place these QR codes in:

  • Emails, SMS, or messages that appear to come from Enel Energia, inviting you to verify your account or access your bill.

  • Printed materials such as stickers, posters, or forged documents.



How to protect yourself from Quishing

Check the source
Do not scan QR codes from unknown origins or included in suspicious communications.

Pay attention to visual and text errors
Check layout, poorly translated texts, colors, or unusual logos. Fraudsters may also overlay fake stickers on top of real QR codes (in case of print materials or posters).

Check the URL before opening the link
If the web address contains typos or unusual elements, it may be a scam.

Access only through official channels

  • To visit Enel Energia’s website, type the URL directly into your browser: https://www.enel.it.
  • To access the Customer Area from your smartphone, use only the official app downloaded from authorized stores (Google Play Store or Apple App Store).

Fake Investments

This scam, mainly spread online, on social networks, and through phone calls, promotes fake financial investments that promise high returns with no risk.

Fraudsters fraudulently use:

  • The Enel brand to make the offer appear more credible.

  • The image or voice of Enel’s top management or public figures.

How to recognize a fake investment

Enel does not offer investment opportunities through channels other than its official ones; therefore, it is essential to pay attention to the following:

  • Promises of high returns without any risk.

  • Suspicious links asking for personal, banking, or login details, or requesting money transfers.

  • Requests to download apps to manage the alleged investment.

For all active offers and promotions, always refer to Enel Energia’s official channels: www.enel.it.

4o

Main Types of Scams

There are many types of fraud attempts targeting consumers. Phishing, smishing, vishing, and QR code phishing are just some of the techniques used by scammers to make contact with victims.

Often, these techniques are combined to increase the effectiveness of the scam. Scammers may:

  • Call you, pretending to be representatives of a trusted company to gain your confidence.

  • Send fraudulent links via SMS, WhatsApp, or Telegram to redirect you to fake websites.

  • Ask you to download an app to gain access to your personal data.

  • Pose as technical support staff to trick you into providing confidential information.

In other cases, scammers may exploit your good faith. For example, they might alert you to excessive energy consumption and request payments that are not actually due.

If you receive a suspicious request, do not share any data and always verify the legitimacy of the communication by contacting Enel Energia Customer Service at the toll-free number 800.900.860.

Protect Your Information Online

  • It is advisable to limit the sharing of personal information on social media.

  • Do not post sensitive data related to your utilities, to prevent it from being used for fraudulent attempts.

  • Be cautious of suspicious messages: if something seems off, always verify it through official channels.

To avoid a scam, you just need to recognize its profile. Watch our videos.

We shared real cases with experts who know investigations inside out.

Do your part to protect yourself

KEEP YOURSELF UPDATED
Update security systems on PCs, smartphones and tablets
DON'T BE RUSHED
Read carefully all communications received
PROTECT YOUR DATA
Never disclose your personal data to third parties