Phishing is a type of online scam which can lead to fraud. It involves imitating an organisation (e.g. a bank, an electricity supply company, any sort of business), using elements of its corporate identity (falsifying its e-mails and web pages).
The cybercriminals’ aim is to make you think you have received official correspondence from a company of whom you are a customer. They hope you will then enter sensitive personal data.
We have detected incidences of phishing simulating notifications from Endesa informing customers of a refund on a bill for which payment was apparently taken twice. The e-mail asks the user to click on a link to obtain the refund. When they click on that link, users are redirected to a false Endesa web page with a payment portal, the aim of which is to acquire their credit/debit card details to make unauthorised charges.
Ignore this e-mail if you receive it and, if in doubt, always go to the official Endesa customer service page: www.endesaclientes.com.
We are doing everything we can to combat this online attack, and will keep you informed of any relevant developments.
You can see what this notification looks like below: