🔐 “Power Parasites” Phishing Attacks Targeting Energy Companies and Major Brands

Since 2024, sophisticated phishing attacks known as “Power Parasites” have been targeting leading global energy companies and well-known brands. A recently published comprehensive threat analysis report detailed these activities.

This campaign primarily exploits the names and brands of major companies such as Siemens Energy, Schneider Electric, EDF Energy, Repsol S.A., and Suncor Energy to carry out fraudulent schemes. Perpetrators deceive individuals through fake investment platforms and fraudulent job offers, aiming to steal personal and financial information.

According to research, attackers have created over 150 active domains that mimic official company websites to mislead victims. The primary targets are users in Asian countries, including Bangladesh, Nepal, and India.

Victims are approached with localized content in languages such as English, Portuguese, Spanish, Indonesian, Arabic, and Bengali. They are also directed to fake websites via social media platforms and Telegram channels.

Researchers from Silent Push highlight that the attackers employ a “spray and pray” tactic, abusing multiple brand names simultaneously to reach as many victims as possible.

Domains often include abbreviations like “SE” (for Siemens Energy) or “AMD” (for Advanced Micro Devices), such as sehub.top or amd-biz.mom.

The “Power Parasites” campaign targets victims through two main methods:

  1. Investment Scams: Victims are lured with fake investment platforms linked to reputable companies, promising high returns.
  2. Job Recruitment Scams: Victims are offered jobs at major companies, with requests for personal information, bank account details, passport copies, and financial documents.

Fake websites are often equipped with an “Invite code” field, creating the illusion that victims are part of an exclusive group.

Attackers even distribute fake promotional videos via YouTube. For instance, one video in Bengali promised “free money-making opportunities” through new websites.

Technical analysis of the phishing pages revealed that they use similar templates and code, enabling attackers to quickly create new domains when one is taken down.

In Telegram channels, malicious links were shared using names containing terms like “siemensenergy.” Many of these channels have already been blocked or removed.

Siemens Energy issued an official warning, stating that they do not operate any investment platforms and do not require payments during the hiring process.

Similarly, Repsol Energy published a warning on its “Fraud Alert” page about scams involving artificial intelligence used to impersonate company executives.

How to Protect Yourself from Phishing Attacks Like “Power Parasites”?

  1. Use Official Sources:
    If you’re seeking employment or investment opportunities, verify information directly on the company’s official website. Never share personal information via links from unknown domains.
  2. Carefully Check Emails and Links:
    Scrutinize the sender’s email address and domain name. If the domain looks suspicious or the company name is misspelled, it’s a clear sign of phishing.
  3. Reject Job Offers Requiring Payment:
    No reputable company will ask for payment to secure a job. An “employer” requesting money is likely a scammer.
  4. Verify Investment Platforms:
    Be cautious if someone promises quick, high profits. Always independently verify the legitimacy and licensing of such platforms.
  5. Avoid Entering Passwords or Personal Information on Suspicious Sites:
    Be especially wary of pages requesting “invite codes” or secret codes, as these are often scams.
  6. Scrutinize Social Media Ads:
    Don’t hastily accept offers or ads on platforms like Facebook, Telegram, or YouTube. Always conduct additional verification.
  7. Keep Antivirus and Security Software Updated:
    Having up-to-date, reliable antivirus software on your device increases your protection against phishing attacks.
  8. Contact Companies Directly About Suspicious Sites:
    If you encounter a suspicious website related to Siemens Energy, Schneider Electric, or other companies, report it through their official contact channels.
  9. Follow a Simple Rule: “If an Offer Seems Too Good to Be True, It Probably Is!”
    Scammers often exploit people’s desires for quick and easy wealth.
  10. Stay Informed About Cybersecurity News:
    Keeping up with the latest phishing campaigns and threats helps protect you and those around you.