AGL “My Monthly Bill” Malware Email

Outline:
“Paperless Statement” email purporting to be from Australian energy provider AGL supposedly includes a summary of your monthly bill and urges you to click a link to view your current statement in detail.





Brief Analysis:
The email is not from AGL and the link does not open a power bill statement. It is a criminal ploy that tries to trick you into visiting a compromised website and downloading malware. This is just one in a series of fake AGL bill emails that have been used to distribute various types of malware. Typically, the malware payload is ransomware.

Example:
AGL Monthly Bill Malware






Detailed Analysis:
This”Paperless Billing” email, which purports to be from large Australian energy provider AGL, supposedly, contains a summary of your latest energy bill. It claims that you can click a “Current Statement” link to view bill details and manage your account.

However, the email is not from AGL and clicking the link does not open an energy bill statement. In fact, the link loads a compromised website that contains malware.

This example is just one in a series of fake AGL bill emails that link to malware. Typically, the malware payload is ransomware. Once installed, ransomware can encrypt all of the files on your computer and then demand that you pay a fee to online criminals to receive a decryption key.

AGL has published a warning about the scam emails on its website.

If you receive one of these emails, do not click any links or open any attachments that it contains.



Last updated: February 8, 2017
First published: February 8, 2017
By Brett M. Christensen
About Hoax-Slayer

References
Bogus AGL Electricity Bill Email Points To Torrentlocker Ransomware
Fake AGL Bill Email Contains Malware
AGL customers targeted by email scam