Australians have been warned to stay on the lookout for a malicious email scam that has already tricked more than 10,000 people since it was detected last week.
The scam email, designed to look like an AGL Energy bill, prompted recipients to click on a link and download a copy. The download was saved to the computer as a .zip file which, when opened, released malware (in the form of a virus or ransomware) that held the computer ‘hostage’.
Victims of the scam were forced to pay $US640 ($AU880) to regain access to their computers.
The fake email was sent to a number of companies across Australia in hopes of flooding the emails of workers and becoming widespread within as many organisations as possible.
So, how can you guard against this scam?
Raymond Schippers, a senior analyst at global cybersecurity firm Check Point, suggests Australians be especially watchful for any suspicious-looking emails.
“Realistically, if you open it on your iPhone and it says ‘this doesn’t work on an iPhone’, it probably isn’t a real website,” Mr Schippers said. “All the websites from all Australian utilities work on phones these days.”
“The .zip file is another indication that it’s not usually a bill either. They usually don’t send bills as .zip files, they’ll send them as .pdf or something similar.”
AGL Energy acknowledged the scam and said it had reported it to the Australian Federal Police, the Australian Competition and Consumer Commission and the Government’s Scamwatch website as soon as it was alerted.
In a statement, AGL urged customers who suspected they might have received the email to delete it immediately without clicking any links, add the sender to their junk email list and run antivirus software on their computer.
Read more at smh.com.au.