EnergyAustralia dragged into major phishing scam

Second Aussie energy provider impersonated by cyber criminals in malware campaign this year

EnergyAustralia has become the second local energy provider caught up in a major email phishing scam after a “large volume” of malicious emails recently began hitting Australian inboxes, according to email security company MailGuard.

The Melbourne-based company said the realistic-looking email masquerades as an invoice from the energy company, advising customers that the invoice is due in the coming days.

“The due date and amount owing are randomised so that each recipient gets a unique bill,” MailGuard said in a blog post. “This is a tactic by the cybercriminals to avoid detection.”

The email contains what MailGuard describes as a potentially dangerous payload and clicking the "view bill" link downloads a .ZIP archive file which contains a malicious JavaScript file.

The sending email address is noreply @ energy agent.net [spaces added] – a domain registered in China on 19 June and MailGuard said it began distribution at 9.39am on 20 June.

A sample email from the campaign (Source: MailGuard)

Earlier this month, EnergyAustralia warned customers to be wary of scam emails and the company addressed the current spate of emails in a post on its website on 20 June.

EnergyAustralia customers should be aware of a new email scam.

The hoax email invites customers to view their bill online but the ‘View bill’ link is malicious.
Scam emails such as this one can appear very convincing and customers should take care with any email that requests them to click a link.

One indicator of potential scam emails is the sender. EnergyAustralia’s electronic bills to residential customers are sent from noreply@billing.energyaustraliaonline.com.au. If you receive an email from a different address that says it relates to your EnergyAustralia bill, please do not open it or click any links it contains.

If you receive a fake EnergyAustralia email, you can report it to EnergyAustralia by forwarding the email to staysafe@energyaustralia.com.au. Please send the hoax email as an attachment if possible. Don’t forward the hoax email to anyone else.

Once you’ve sent the hoax email to staysafe@energyaustralia.com.au, delete it from your inbox immediately. Then empty your Deleted Items folder.

Scam activity can also be reported to the ACCC Infocentre on 1300 302 502 or a state or territory fair trading authority.

If at any time you are concerned you have provided credit card or banking details to a potential scammer, please also alert your financial institution.

The attachment masquerades as a Zip file
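
The two indicators reported above (a sender other than the billing address named in EnergyAustralia's advisory, and a ZIP download containing a JavaScript file) can be checked mechanically during mail triage. The following Python is an added example, not code from MailGuard or EnergyAustralia; the function names, the extension list, and the sample message and archive are constructed for illustration.

```python
import io
import zipfile
from email import message_from_string
from email.utils import parseaddr

# Legitimate residential billing sender, as stated in EnergyAustralia's advisory.
LEGIT_SENDER = "noreply@billing.energyaustraliaonline.com.au"
BRAND = "energyaustralia"
SCRIPT_EXTS = (".js", ".jse", ".wsf", ".vbs")  # assumption: script types to flag


def sender_findings(raw_email: str) -> list[str]:
    """Flag mail that uses the brand but is not from the billing address."""
    msg = message_from_string(raw_email)
    display, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    # Strip spaces so "Energy Australia" and "EnergyAustralia" both match.
    text = (display + " " + msg.get("Subject", "")).lower().replace(" ", "")
    if BRAND in text and addr != LEGIT_SENDER:
        return [f"brand used but sender is {addr or 'missing'}"]
    return []


def archive_findings(zip_bytes: bytes) -> list[str]:
    """List script members of a downloaded ZIP without extracting anything."""
    try:
        with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
            names = zf.namelist()
    except zipfile.BadZipFile:
        return ["not a valid ZIP archive"]
    return [f"script in archive: {n}" for n in names if n.lower().endswith(SCRIPT_EXTS)]


def sample_zip(member: str) -> bytes:
    """Build a constructed in-memory ZIP holding one inert placeholder file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, "// inert placeholder\n")
    return buf.getvalue()


# Constructed sample messages (lookalike.example is a placeholder domain).
SAMPLE_PHISH = "From: EnergyAustralia <noreply@lookalike.example>\nSubject: Your bill is due\n\nView bill\n"
SAMPLE_LEGIT = f"From: EnergyAustralia <{LEGIT_SENDER}>\nSubject: Your bill is due\n\nView bill\n"

if __name__ == "__main__":
    print(sender_findings(SAMPLE_PHISH))
    print(sender_findings(SAMPLE_LEGIT))
    print(archive_findings(sample_zip("bill.js")))
```

The From header is set by the sender and can be forged, so a match on the billing address is not proof of authenticity; pair this check with SPF, DKIM and DMARC results.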

One of EnergyAustralia’s competitors, Origin Energy, has also felt the sting of phishing attacks after two campaigns using the company’s name and branding hit in May and then in June.

The Australian Competition and Consumer Commission (ACCC) recently released its Scamwatch findings which showed more than 15,000 reports had been filed in the past six months, with over $615,000 lost from more than 2,300 reported incidents.

The scams mainly targeted Queensland ($200,000 lost), Victoria ($197,000 lost) and New South Wales ($147,000 lost), and individuals over the age of 55 suffered most, losing more than $380,000 since January.

Cyber criminals struck predominantly through mobile phones, email and internet, accounting for losses of $255,000, $190,000 and $114,000 respectively.
