Fake Origin Energy bills loaded with malware target Aussies

By on
Fake Origin Energy bills loaded with malware target Aussies

A round of malware has hit the inboxes of Australians on Wednesday morning posing as Origin Energy bills.

The emails, which appear to be genuine bills from the electricity and gas utility, contain a direct link to a malware payload in the form of a JavaScript dropper and will install malicious files like keyloggers.

The emails use the subject line "Your Origin electricity bill" and ask for a different amount ranging from $300 to $800 due on 16 May.

To make the emails appear even more legitimate, they include a link to Origin Energy's real privacy page, which gives tips to customers on how to avoid scams.

Endpoint security firm Mailguard spotted the scam, saying that tens of thousands of emails were distributed at about 8.30am on Wednesday. The emails originated from a fake domain that was registered in China a few days ago called originenergysolar.net. The malware is hosted on a compromised SharePoint account and was sent from a French server.

Of its name being used fraudulently, Origin said scammers often imitated legitimate companies in order to trick victims into opening unsafe emails.

“Some scam emails try to get you to click on links that launch nasty viruses, ready to invade your computer, and the computer of everyone you email, to delete or lock your files,” Origin said.

Last month, Mailguard picked up three other malware scams purporting to be from online accounting software firm MYOB, social services agency myGov and corporate regulator ASIC.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © CRN Australia. All rights reserved.

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Log In

Username / Email:
  |  Forgot your password?