Scams and Phishing

How to recognise and report online scams.

1312833027

Pay attention and report ongoing scam

Phishing is a particular type of digital scam aimed at inducing users to provide sensitive and/or confidential data (such as user name, password or other personal information, bank credentials, etc.). This cyber threat consists in the delivery of messages that look like the forms of communication of a known company, sometimes bearing its name and/or logo, thus misleading users who place their trust in the brand that appears in the communication.

Be careful about ongoing scams

We are detecting the presence on the network of communications, messages, posts and sponsored contents apparently coming from Eni and/or directly from our Chief Executive OfficerClaudio Descalzi.

es-comunicazione-fraudolenta-desk-eng-05.jpg
es-comunicazione-fraudolenta-mobile-eng-05.jpg

These communications do not come from Eni or its Chief Executive Officer. These messages unduly exploit Eni and its Top Management’s image and reputation, leading the user, through links in the text, to websites not belonging to Eni, fake accounts and specifically created social pages.

In these scam messages, reference is often made to aid programmes, grants or economic bonuses of various kinds, such as periodical fixed economic rents or fuel vouchers, encouraging the user to sign up to the initiative and communicate data or even preferences in relation to any questions posed.

In conjunction with the relevant Authorities, Eni works daily to combat these scams and other unlawful profiling and disinformation campaigns.

Various types of deceptive approaches are shown below: find out more by clicking on each topic.

The following table provides directions for reporting frauds in Australia, Hong Kong, Philippines, Taiwan, UK and US.

Country Organisation
Australia Australian Competition & Consumer Commission
Australia Australian Cyber Security Center (ACSC)
Hong Kong Hong Kong Police Force
Philippines Enforcement and Investor Protection Department of the SEC
e-mail: epd@sec.gov.ph
NBI Anti-Fraud Division
e-mail: afad@nbi.gov.ph
Taiwan National Police Agency
UK Action Fraud
US Federal Trade Commission
US Federal Trade Commission
US FBI

This type of fraud consists in the promotion of disinformation and profiling campaigns that abusively exploit Eni’s brands, names and people and leverage the attractiveness of topics such as "investments" and "economic bonuses", for example periodic or fixed economic rents or fuel vouchers. 

These campaigns set up fake websites, fake accounts, and fake pages on social networks to sponsor initiatives. They also use other propagation systems, the so-called "chain letters", taking advantage of widespread instant messaging service chats (e.g. Whatsapp). Recipients reached by such campaigns are often asked to fill out online forms to obtain personal data, or questionnaires are submitted whose answers allow them to profile the recipient.

Often, after the steps outlined above, you will be contacted by phone, also by international numbers or by email. Eni’s alleged employees or agents will request, on behalf of the company, and in order to activate the promo or investment, the payment of certain amounts, and will specify IBAN codes or online financial platform websites to collect the requested payment.

Be wary of any financial promotions that can be activated via payments on IBAN in the name of private individuals or unauthorized financial operators.

The presence of these elements indicates a possible fraud. Report it to the Authorities.

img_fake_Desk_eng.jpg
img_fake_mobile_eng.jpg

The victim is contacted for a job offer at Eni by so-called recruiters or Eni executives. With this scam technique, the victim is often asked for a sum in advance for the purchase of technical material. Other times, the victim is asked to receive a sum of money from their bank account to be transferred to another account indicated by the scammer, withholding a percentage of the same amount (see "Money muling" below).

To avoid falling into this type of scams, we remind you that Eni proceeds to contact potential candidates for work positions exclusively:

  • via email addresses ending with @eni.it or @eni.com or @example.eni.it or @example.eni.com
  • via Linkedin with Eni’s official account (find out how to check if a Linkedin account is legitimate here)

Senders such as, for example, recruitment@eni-ng.com, eni.nigeria@gmail.com and eni.spa9090@gmail.com are to be considered not legitimate.

The presence of these elements indicates a possible fraud. Report it to the Authorities.

Scam and Phishing-Eni Contract Agreement-desk-eng.jpg
Scam and Phishing-Eni Contract Agreement-mobile-eng.jpg

The victim is contacted by a person who deceitfully declares to be one of Eni’s employee, often "offshore", manifesting an urgent need for money for:

  • repairing a damaged mechanical part
  • issues related to their bank account
  • other fake reasons for not being able to move or get money (for example, due to illness, broken means of transport, problems with the police, etc.).

Sometimes, to increase credibility, the scammer accompanies the request for money with attachments (email or via chat) depicting company badges and (obviously false) contracts awarded, in Eni’s name. 

Often all this happens after the scammer has previously established a romantic relationship - usually via social networks - with the victim. This is why the scheme of this scam is also known as "Romance scam".

The presence of these elements indicates a possible fraud. Report it to the Authorities.

To know more, read here.

Scam e truffe desktop romance.jpg
scam e truffe mobile romance.jpg

It may occur that the two previous fraudulent modes (Job scam and Romance scam) are conveyed with a variant, called "Money muling". It is a technique whereby the fraudster transfers money, obtained illegally, using the victim's current account as a "bridge of passage" for the final destination, or of course another landing account. The victim is promised and/or recognized a small percentage of the transferred amount.

In essence, it is a matter of money laundering aimed at shielding both the real sender and the real recipient of the transaction.

The presence of these elements indicates a possible fraud. Report it to the Authorities.

To know more, read here.

Scam and Phishing-money-muling-scam-desk-eng.jpg
Scam e truffe eng mobile money muling.jpg

How to recognise phishing and other online scams

  • First, read the text of the messages you receive carefully: attempts to deceive the reader are often poorly written, with spelling mistakes and grammatical errors.
  • If the message you receive contains a link, check well who sent it to you. You can check the correspondence between the link text and the actual address by positioning the cursor above it, without clicking.
    Do not click on the link if you are not sure of the sender.
  • Do not open the attachments. Always check the sender first, especially with attachments with .exe, .zip, .rar, and .xls extensions. They may contain viruses or malware..
  • Do not provide login credentials, passwords, social security numbers or other personal and private information.
  • Be informed. Scam attempts come in different forms: they may be disguised as professional, financial communications, job advertisements, requests for personal assistance and others besides. If you are in doubt about the legitimacy of a communication from Eni, use the official channels.

Known scam attempts

In this gallery we have collected the main phishing cases that have already been disclosed.

601801803