Australians falling victim to fake AGL energy bills in virus scam


Staff member
A FAKE AGL energy bill email that contains malicious software is infecting computers across Australia, a cyber security expert has warned.

The scam asks users to click on a link which then downloads a damaging virus and tries to steal user names and passwords to spread it further, Check Point senior security analyst Raymond Schippers said.

Thousands of Australians, including employees from at least a dozen large companies, are believed to have already fallen victim.

“Instead of downloading an invoice you are downloading a virus that logs everything you type on your computer keyboard and encrypts files,” Mr Schippers said.

Criminals behind such ransomware attacks typically requested payment, usually about $200, to unfreeze files.

While big companies could usually restore lost files from a backup, many home computer users could not.

He said overseas-based criminals designing and onselling ransomware were making millions, and possibly billions, of dollars worldwide.

AGL said the malicious malware e-Account had the potential to access personal information.

“AGL advises it will never send an email asking for personal banking or financial details. Anyone receiving a suspicious email should delete it immediately or, if opened, not click on any links within the email,” it said.

Recipients of suspicious emails should run antivirus software and block the sender by adding it to the junk folder list, it advised.

AGL has reported the scam email to Scamwatch, the Australian Competition and Consumer Commission, and the Australian Federal Police.