Australians continue to be targeted by email-enabled ransomware ploys, with renewed reports of malware being spread by posing as energy provider AGL’s bills.
An alert provided by the government's Stay Smart Online website marks the second time in recent memory a ransomware campaign has struck under the guise of an energy bill.
In June at least 10,000 people had reported being scammed by emails looking like AGL bills.
According to a blog post on Aussie cloud security provider Mailguard’s website, the newest phishing attempt includes references to recent storms and flooding.
“In an effort to appear legitimate, the email says flooding victims may receive additional support to help pay their bill,” poster Jaclyn McRae wrote.
“Those who make the mistake of clicking a link on the fake invoice risk having their PC – or entire system – held to ransom.”
The fake emails are almost identical to those of AGL, but when recipients click on a link to download their bill, a zip file is delivered instead. If opened, the malware contained within then freezes the device, at which point a ransom of is demanded to regain control.
While paying the hefty ransom has reportedly allowed some users to recover their files, malware-infected systems will continue to be vulnerable to attacks.