Be aware of scams targeting existing and prospective suppliers
At NextEra Energy and FPL, our relationship with our valued third-party suppliers and contingent workers is critical to us and we want to help you stay cybersmart. We would like to share reminders and best practices that will help you keep an eye out for suspicious behavior.
If you believe you have been the victim of a scam, send us an email at email@example.com.
Most common scams include:
- The scammer pretends to be an employee with NextEra Energy, FPL or one of its subsidiaries and attempts to establish a relationship to receive goods or services.
- The scammer contacts the business via telephone and/or an email address that resembles one from NextEra Energy, FPL or one of its subsidiaries.
- The scammer requests the business owner ship the product or be picked up at a specific location.
- Below are the domains that have been reported to us that are being used to impersonate NextEra Energy, FPL or one of its subsidiaries:
If you think you have received an email that is not legitimate, follow these do's and don’ts:
- Check the email domain to confirm it is not one of the ones listed above.
- Ask yourself:
- Is this my first contact with NextEra Energy or FPL and we have no previous business relationship?
- Am I expecting this email from this sender?
- Is the sender requesting to obtain the product through credit or send payment after product is delivered?
- Hover over any links to see if the URL looks trustworthy.
- Be skeptical of emails with requests from NextEra Energy’s CEO, CFO, Treasurer, Controller and/or others in an executive role with names found in public directories.
- Pay attention to emails that have poor spelling and grammar or start with a generic greeting like “Hello Customer” or “Dear Client.”
- If you are a preexisting supplier, contact your confirmed NextEra Energy or FPL representative to discuss the questionable communication received.
- If you are not a preexisting supplier, send us an email at firstname.lastname@example.org to confirm the legitimacy of the request.
- Click any suspicious links or URLs, especially any with spelling errors.
- Be encouraged to break the rules with requests that will fast track normal procedures or policies without the usual checks and approvals.
- Share any personal or sensitive information.
- Respond to emails with suspicious domains.
- Fall victim to emails that use threats, urgency or rewards to entice you to take action.
- Schedule delivery of goods without verifying the legitimacy of the request.