A guide to defusing the dangers of phishing

«The customer is our greatest asset, they are Enel’s first ambassador in the world. All our work is aimed at ensuring they always have the best possible experience with us». These are the words of Maristella Caddeo, with thirty-four years at Enel, having held various roles and gained extensive experience in the market area. Together with her colleague Leandro Elia Lo Tauro, at Enel since 2003 and specialized in Contact Management, she worked on a delicate and important project: a platform to inform Enel customers about the risks of phishing, which increased in parallel with the rise in digital usage during the pandemic. Taking care of the customer also means protecting them from the pitfalls of digital activities: phishing is by far the most widespread form of cybercrime in the world. According to an FBI report, attacks doubled in 2020. It’s a problem that now affects 75% of organizations globally, something that must be addressed to safely navigate digital life. The good news is that it’s not difficult: phishing can easily be defeated on an individual level by developing the right antibodies. What are they? Information, awareness, and vigilance, and this is exactly what Leandro and Maristella worked on.

Phishing refers to mass digital attacks carried out by scammers who mimic emails, text messages (smishing), or phone calls (vishing) from official organizations to steal sensitive data and information, relying on people’s distraction to succeed. When we browse the web, we are bombarded with so many stimuli and distractions that mistaking a scam email for a legitimate message is a constant risk. That’s why knowing that the problem exists and being able to recognize a phishing message at first glance is essential. Enel’s information project was launched at the beginning of the year, when attacks skyrocketed. «The first step was to make our consultants, who interact directly with customers, more aware of these phenomena», the colleagues explain. «The goal was to put them in a position to reassure and guide customers». The first rule for dealing with phishing, in fact, is to immediately contact the company in question if there’s even the slightest doubt that a message might be illegitimate. Maristella and Leandro’s commitment to equipping agents with the tools to be a point of reference in these situations was the first step in closing the circle of safety and peace of mind.

The next step was the creation of a dedicated phishing section on Enel’s website, with clear and straightforward communication, a map to recognize the many forms of phishing, and user-friendly instructions on how to defuse them. «We defined the concept of online fraud, with in-depth content that helps customers identify fraudulent messages that may arrive via email or SMS», explains Leandro. The section also includes a series of helpful tips for navigating the web safely, such as the rule to always use official channels like the app to communicate with the company, or to never open attachments or links from suspicious sources. All it takes is a moment of distraction and a click to fall into an online trap. «Our goal is to make the customer ask questions, to raise doubts when they receive unexpected and likely fraudulent communications». The advice for all users is to carefully read the section, it’s the best way to train their awareness threshold. As Leandro says: «Phishing is sneaky. We’re all tempted to click on a link to see what it’s about. No one is ever completely safe. The mindset we’re trying to build is one of absolute caution». The only way to navigate safely is to do so with eyes wide open. The fight against online scams is a challenge that can only be won together, by staying informed and by reading.