Ask a question to find out more

Scams and Phishing

Headquarters Eni Rome

What is phishing

Phishing is a particular type of digital scam aimed at inducing users to provide sensitive and/or confidential data (such as user name, password or other personal information, bank credentials, etc.). This cyber threat consists in the delivery of messages that look like the forms of communication of a known company, sometimes bearing its name and/or logo, thus misleading users who place their trust in the brand that appears in the communication.

Be careful about ongoing scams

We are detecting the presence on the network of communications, messages, posts and sponsored contents apparently coming from Eni.

These communications do not come from Eni. These messages unduly exploit Eni and its Top Management’s image and reputation, leading the user, through links in the text, to websites not belonging to Eni, fake accounts and specifically created social pages.

In these scam messages, reference is often made to aid programmesgrants or economic bonuses of various kinds, such as periodical fixed economic rents or fuel vouchers, encouraging the user to sign up to the initiative and communicate data or even preferences in relation to any questions posed.

In conjunction with the relevant Authorities, Eni works daily to combat these scams and other unlawful profiling and disinformation campaigns. 

The types of deceptive approaches

Various types of deceptive approaches are shown below: find out more by clicking on each topic.

This type of fraud consists in the promotion of disinformation and profiling campaigns that abusively exploit Eni’s brands, names and people and leverage the attractiveness of topics such as "investments" and "economic bonuses", for example periodic or fixed economic rents or fuel vouchers. 

These campaigns set up fake websites, fake accounts, and fake pages on social networks to sponsor initiatives. They also use other propagation systems, the so-called "chain letters", taking advantage of widespread instant messaging service chats (e.g. Whatsapp). Recipients reached by such campaigns are often asked to fill out online forms to obtain personal data, or questionnaires are submitted whose answers allow them to profile the recipient.

Often, after the steps outlined above, you will be contacted by phone, also by international numbers or by email. Eni’s alleged employees or agents will request, on behalf of the company, and in order to activate the promo or investment, the payment of certain amounts, and will specify IBAN codes or online financial platform websites to collect the requested payment.

Be wary of any financial promotions that can be activated via payments on IBAN in the name of private individuals or unauthorized financial operators.

The presence of these elements indicates a possible fraud. Report it to the Authorities.

The victim is contacted for a job offer at Eni by so-called recruiters or Eni executives. With this scam technique, the victim is often asked for a sum in advance for the purchase of technical material. Other times, the victim is asked to receive a sum of money from their bank account to be transferred to another account indicated by the scammer, withholding a percentage of the same amount (see "Money muling" below).

To avoid falling into this type of scams, we remind you that Eni proceeds to contact potential candidates for work positions exclusively:

  • via email addresses ending with @eni.it or @eni.com or @example.eni.it or @example.eni.com
  • via Linkedin with Eni’s official account (find out how to check if a Linkedin account is legitimate here)

Senders such as, for example, recruitment@eni-ng.com, eni.nigeria@gmail.com and eni.spa9090@gmail.com are to be considered not legitimate.

The presence of these elements indicates a possible fraud. Report it to the Authorities.

The victim is contacted by a person who deceitfully declares to be one of Eni’s employees or their independent supplier, often "offshore", expressing an urgent need for money for:

  • repairing a damaged mechanical part, in order to complete a project
  • reaching the necessary budget to start a project
  • issues related to their bank account
  • other fake reasons for not being able to move or get money (for example, due to illness, broken means of transport, problems with the police, etc.).

Sometimes, to increase credibility, the scammer accompanies the request for money with attachments (email or via chat) depicting company badges and (obviously false) contracts awarded, in Eni’s name, or providing specific times for starting and ending the project, and therefore the reimbursement of the amount.
Often all this happens after the scammer has previously established a personal relationship – usually via social networks or via phone/email – with the victim. In some cases, the relationship might also be romantic, hence this fraudulent scheme is also known as "Romance scam".
The presence of these elements indicates a possible fraud. Report it to the Authorities.
To know more, read here.

It may occur that the two previous fraudulent modes (Job scam and Romance scam) are conveyed with a variant, called "Money muling". It is a technique whereby the fraudster transfers money, obtained illegally, using the victim's current account as a "bridge of passage" for the final destination, or of course another landing account. The victim is promised and/or recognized a small percentage of the transferred amount.
In essence, it is a matter of money laundering aimed at shielding both the real sender and the real recipient of the transaction.
The presence of these elements indicates a possible fraud. Report it to the Authorities.
To know more, read here.

The types of deceptive approaches

Various types of deceptive approaches are shown below: find out more by clicking on each topic.

This type of fraud consists in the promotion of disinformation and profiling campaigns that abusively exploit Eni’s brands, names and people and leverage the attractiveness of topics such as "investments" and "economic bonuses", for example periodic or fixed economic rents or fuel vouchers. 

These campaigns set up fake websites, fake accounts, and fake pages on social networks to sponsor initiatives. They also use other propagation systems, the so-called "chain letters", taking advantage of widespread instant messaging service chats (e.g. Whatsapp). Recipients reached by such campaigns are often asked to fill out online forms to obtain personal data, or questionnaires are submitted whose answers allow them to profile the recipient.

Often, after the steps outlined above, you will be contacted by phone, also by international numbers or by email. Eni’s alleged employees or agents will request, on behalf of the company, and in order to activate the promo or investment, the payment of certain amounts, and will specify IBAN codes or online financial platform websites to collect the requested payment.

Be wary of any financial promotions that can be activated via payments on IBAN in the name of private individuals or unauthorized financial operators.

The presence of these elements indicates a possible fraud. Report it to the Authorities.

The victim is contacted for a job offer at Eni by so-called recruiters or Eni executives. With this scam technique, the victim is often asked for a sum in advance for the purchase of technical material. Other times, the victim is asked to receive a sum of money from their bank account to be transferred to another account indicated by the scammer, withholding a percentage of the same amount (see "Money muling" below).

To avoid falling into this type of scams, we remind you that Eni proceeds to contact potential candidates for work positions exclusively:

  • via email addresses ending with @eni.it or @eni.com or @example.eni.it or @example.eni.com
  • via Linkedin with Eni’s official account (find out how to check if a Linkedin account is legitimate here)

Senders such as, for example, recruitment@eni-ng.com, eni.nigeria@gmail.com and eni.spa9090@gmail.com are to be considered not legitimate.

The presence of these elements indicates a possible fraud. Report it to the Authorities.

The victim is contacted by a person who deceitfully declares to be one of Eni’s employees or their independent supplier, often "offshore", expressing an urgent need for money for:

  • repairing a damaged mechanical part, in order to complete a project
  • reaching the necessary budget to start a project
  • issues related to their bank account
  • other fake reasons for not being able to move or get money (for example, due to illness, broken means of transport, problems with the police, etc.).

Sometimes, to increase credibility, the scammer accompanies the request for money with attachments (email or via chat) depicting company badges and (obviously false) contracts awarded, in Eni’s name, or providing specific times for starting and ending the project, and therefore the reimbursement of the amount.
Often all this happens after the scammer has previously established a personal relationship – usually via social networks or via phone/email – with the victim. In some cases, the relationship might also be romantic, hence this fraudulent scheme is also known as "Romance scam".
The presence of these elements indicates a possible fraud. Report it to the Authorities.
To know more, read here.

It may occur that the two previous fraudulent modes (Job scam and Romance scam) are conveyed with a variant, called "Money muling". It is a technique whereby the fraudster transfers money, obtained illegally, using the victim's current account as a "bridge of passage" for the final destination, or of course another landing account. The victim is promised and/or recognized a small percentage of the transferred amount.
In essence, it is a matter of money laundering aimed at shielding both the real sender and the real recipient of the transaction.
The presence of these elements indicates a possible fraud. Report it to the Authorities.
To know more, read here.

How to recognise phishing and other online scams

  • First, read the text of the messages you receive carefully: attempts to deceive the reader are often poorly written, with spelling mistakes and grammatical errors.
  • If the message you receive contains a link, check well who sent it to you. You can check the correspondence between the link text and the actual address by positioning the cursor above it, without clicking.
    Do not click on the link if you are not sure of the sender.
  • Do not open the attachments. Always check the sender first, especially with attachments with .exe, .zip, .rar, and .xls extensions. They may contain viruses or malware..
  • Do not provide login credentials, passwords, social security numbers or other personal and private information.
  • Be informed. Scam attempts come in different forms: they may be disguised as professional, financial communications, job advertisements, requests for personal assistance and others besides. If you are in doubt about the legitimacy of a communication from Eni, use the official channels.

Known scam attempts

In this gallery we have collected the main phishing cases that have already been disclosed.

How to report a scam



Back to top
Back to top