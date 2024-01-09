By John Ensor • Published: 09 Jan 2024 • 12:55

Scam Alert. Credit: Rawpixel.com/Shutterstock.com

Have you recently encountered an unexpected email from Endesa? The expert advice is to exercise caution as the National Cybersecurity Institute and the Guardia Civil are actively warning the public.

This caution follows recent reports of numerous individuals receiving emails under the guise of unpaid bills from Endesa. These emails, which often carry the subject line ‘Customer area – You can now download your invoice No. [bill number]’, are actually a front for distributing malware.

This harmful software is designed to extract information from your computer or any device used to download the supposed invoice.

⚠️#AVISO❗️Detectada campaña de distribución de malware mediante correos electrónicos fraudulentos suplantando a @Endesa.#NoPiques, indican que puedes pagar la factura adjunta para que ejecutes un código malicioso e infectes tu dispositivo. Es #phishing👇https://t.co/DnNUODasPO pic.twitter.com/Wf9WYawOhz — Guardia Civil (@guardiacivil) January 7, 2024

Recognising the Scam

What should you do if you stumble upon this Endesa email in your mailbox? Before you rush to delete it, it’s crucial to label it as spam or junk. In scenarios where you’ve downloaded the file but haven’t opened it, swiftly navigate to your downloads folder and erase it.

However, if you’ve already executed the file, immediate action is required to safeguard your device and personal data. The first step is to detach your device from your network, thus preventing the malware’s spread to other devices.

Then, utilise a robust antivirus program for a comprehensive scan. If the device remains compromised, you might need to resort to formatting or resetting it, despite the loss of stored data. Hence, regular backup is always advisable.

Preventive Measures And Reporting

Gathering evidence is key in these situations. Capture screenshots and, if deemed necessary, preserve the email for reporting to the State Security Forces and relevant bodies. This can include relying on online witnesses to certify the content.

In conclusion, staying vigilant and informed about such scams is imperative. By taking these recommended steps, you can protect your devices and personal information from malicious attempts.