False email for requesting proof of payment

05 May 2022


In these days there are e-mails with deceptive content that exploit the Enel brand, with the subject "Richiesta per invio Mail al Cliente [ref: XXXXX]" (where XXXX are characters random), sent only apparently by the domain “enel.com.

Attention should be paid to the attachment of the email, it is an xlsm file rather than a pdf as in the communications of Enel Energia.

Once the attachment named "FATTURA.xlsm" is opened, clicking on the "Visualizza" button leads to the download of a banking malware that steals credentials to access online checking accounts.

Here's what the communication looks like:

Immagine che contiene testo

Descrizione generata automaticamente

Enel Energia invites anyone who receives an e-mail or suspicious text message not to open or click on the links in the texts, not to download and open attachments (Enel does not send excel), to pay close attention to any requests for personal codes or confidential data (for example user or password, access codes) since Enel Energia never requires such codes.

If in doubt, check the authenticity of the request through the usual contact channels: toll-free number 800.900.860 and www.enel.it/en website.