Digitalization has made our lives easier in many ways. We pay bills from our mobile phones, manage contracts from applications and receive real-time information via email. However, this convenience also entails some risks, including attempted fraud linked to the supply of electricity with so-called practices phishing.
Anyone can be a victim of this type of scam. According to the National Commission for Markets and Competition (CNMC), almost 7% of electricity and gas supplier changes present some type of documentary irregularity or lack of clear consensus. It is proven in the industry that the main channel of these fraudulent practices is the telephone and these malicious calls end up taking the customer from one company to another many times without realizing it and, obviously, without their consent.
According to the National Commission for Markets and Competition (CNMC), almost 7% of changes made to electricity and gas traders have some type of documentary irregularity or lack of clear consensus.
An evolving deception
Him phishing It’s not new. The term was coined more than three decades ago, when cybercriminals tried to obtain Internet access passwords via spoofed emails.
In Spain customers can switch from one energy company to another very easily. They have more than 400 marketers to choose from. And in fact they do: last year over 24% changed energy travel companions. However, not everything is so positive. Many of them did it unintentionally. That is, they were deceived. And the main technique used by these scammers is the telephone.
And the technique has become more sophisticated. Today, scammers create highly personalized stories. They present themselves as employees of an energy company, use real customer data – such as name, address or even approximate consumption – and use friendly and convincing language. Sometimes they offer very attractive discounts or claim to carry out urgent procedures related to the invoice or contract.
The key is urgency, don’t let the victim think you’re provoking a hasty response. In recent months this problem has taken a new leap, using artificial intelligence tools that allow the creation of even more convincing messages, synthetic voices or scripts, capable of replicating the tone of a professional.
Not all scams pursue the same goal. Some directly seek immediate financial benefit, others simply seek data for future fraud.
What are scammers really looking for?
According to Endesa, there are five main types of fraudulent activities
- Changing marketing companies without consent: The scammer convinces the user to change their contract. Charge a fee for each change you handle.
- Identity theft: The extracted personal information is used to act on behalf of the customer.
- Sale of data to third parties: The collected data is transferred to other actors, who use it for commercial or fraudulent purposes.
- Purchases with stolen financial data: If you get card numbers or bank accounts, you can make purchases online.
- Fake urgent payments: A message or email is sent requesting a quick payment to avoid, for example, a supposed power outage.
The importance of distinguishing between a marketer and a distributor
All these practices share the same technique, psychological manipulation, with which they try to make the victim act without thinking.
One of the keys to avoiding being a victim of this type of fraud is to understand which company performs which functions in the energy supply sector. For example, the marketer is the one who has a contractual relationship with the customer. It’s who we sign the contract with and who we pay the bill with. The distributor, on the other hand, is responsible for physically bringing the energy home, but has no direct contractual relationship with the consumer.
Many scammers take advantage of the confusion between the two roles; So if someone presents themselves as a distributor and asks for bank details or asks to modify a contract, it is a clear sign of fraud.
Endesa also reminds us of a fundamental rule: marketing companies never proactively request personal or banking data. They do so only if the customer himself requests a modification to the contract or the negotiation of a new service.
How to protect yourself from these threats
The recommendations to stop these scams are divided into two moments: before and during the fraud attempt. For the former, it is important to stay informed. Endesa has been actively working for years to raise awareness among its customers in this sense. Its initiatives include articles and practical guides, reports and advice through social networks, news with specialized content (including editions entirely dedicated to fraud), information messages on the invoices themselves and internal communication with employees, collaborators and sales channels so that they too know how to identify and stop suspicious practices.
If we receive a suspicious call or message, we must follow some guidelines: ask questions to find out which company it is or whether it is a marketer or distributor; never provide personal data; don’t decide at the moment; and verify the call through official channels.
Endesa recently launched a search engine for authorized numbers on its website, where the user can check in a few seconds whether the number from which he was contacted really belongs to the company.
Endesa recently launched on its website a authorized phone finder, where the user can check in a few seconds if the number from which he was contacted really belongs to the company. If it doesn’t appear, it’s likely a scam attempt.
Furthermore, keeping the number from which the call came can be useful if you want to file a complaint with bodies such as the National Police, the Office for Internet User Safety or the CNMC itself. In a hyperconnected world, the best tool against fraud is information and attention is the first line of defense.
