In the last few days, a new campaign has been detected of Phishing which supplants Iberdrola with a classic but highly effective method: fraudulent emails that pretend to be bills from the electricity company. The messages, apparently legitimate, include official logos, corporate language and links that redirect to a fake page. The objective: to steal access credentials or install malware on user devices.

How deception works

The email alerts the user of an alleged pending invoice or a payment incident, urging them to access a link to review the information. In doing so, the victim is directed to a website that mimics the Iberdrola portal, where personal and banking details are requested. In some cases, the download of Trojans that allow attackers to access the user's system has even been identified.

Impact and reach of the campaign

This type of attack exploits customers' trust in big brands and the urgency generated by any payment-related issue. The authorities and Iberdrola itself have already warned of the increase in these false emails, which circulate both to real customers and to random users.

How to detect a phishing attempt

  • Always check the sender's address: fake domains usually include letters or symbols added to them (for example, iberdrolaa.com or factora-iberdrola.net).
  • Don't open suspicious attachments or links.
  • If you have questions, access Iberdrola's customer area directly by typing the URL manually.
  • Keep your antivirus and the authentication measures in your accounts up to date.

What we recommend from Apolo Cybersecurity

This incident reinforces a key idea: phishing remains the most common gateway for corporate cyberattacks. From Apollo Cybersecurity, we recommend three essential steps to reduce risk:

  • Ongoing training: train employees and users to identify fraudulent emails.
  • Multifactor Authentication (MFA): Even if credentials are compromised, the attacker won't be able to easily access them.
  • Phishing drills: measuring the level of exposure and strengthening the internal response.

Protecting yourself from phishing starts with prevention and digital education

Attacks like this show that cybersecurity depends not only on technology, but also on the human factor. At Apolo Cybersecurity, we help companies to anticipate these threats, strengthen their defenses and ensure the continuity of their operations.

Prev Post
Next Post

Any questions?
We're happy to help!

CONTACT US TODAY!
info@apolocybersecurity.com
Data Controller: Apolo Analytics SL
Purpose: To process your request and respond to your message.
Legal Basis: Consent of the interested party upon submitting the form.
Recipients: Data will not be transferred to third parties, except under legal obligation.
Rights: You may exercise your rights of access, rectification, and deletion, among others, by sending an email to secretaria@apolocybersecurity.Com.
Additionall information: You can view the full information on our Privacy Policy.

Thank you!

Your message has been successfully received.
Oops! Something went wrong when submitting the form.
We are waiting for you!
Schedule a call
Project photo
send us an email
Project photo
+34 937948378
Project photo
Carrer de Sant Joan de la Salle 42, Barcelona, spain
Project photo
FAQScontactTERMS AND CONDITIONSWork with Us
Accelerated by:
Certifications:
Light Eyes is part of Apolo Cybersecurity
LEGAL NOTICEPRIVACY POLICYCookies
Privacy Settings
Copyright © 2025 Apollo Cybersecurity