“Paperless Statement” email purporting to be from Australian energy provider AGL supposedly includes a summary of your monthly bill and urges you to click a link to view your current statement in detail.
The email is not from AGL and the link does not open a power bill statement. It is a criminal ploy that tries to trick you into visiting a compromised website and downloading malware. This is just one in a series of fake AGL bill emails that have been used to distribute various types of malware. Typically, the malware payload is ransomware.
This”Paperless Billing” email, which purports to be from large Australian energy provider AGL, supposedly, contains a summary of your latest energy bill. It claims that you can click a “Current Statement” link to view bill details and manage your account.
However, the email is not from AGL and clicking the link does not open an energy bill statement. In fact, the link loads a compromised website that contains malware.
This example is just one in a series of fake AGL bill emails that link to malware. Typically, the malware payload is ransomware. Once installed, ransomware can encrypt all of the files on your computer and then demand that you pay a fee to online criminals to receive a decryption key.
AGL has published a warning about the scam emails on its website.
If you receive one of these emails, do not click any links or open any attachments that it contains.
Last updated: February 8, 2017
First published: February 8, 2017
By Brett M. Christensen
Since you’ve read this far……can I ask you for a big favour?
To enhance your privacy and security and offer you a better user experience, Hoax-Slayer is now ad-free. To keep the site online, I now rely on voluntary contributions from site visitors along with commissions from a few trusted products and services that I promote via reviews on the site.
If you found the above report useful, please consider supporting Hoax-Slayer by making a donation. Any amount you can give will be greatly appreciated.
You can donate using your credit card via the form below. Donations are collected securely via the online payment service Stripe. Stripe uses state of the art security to keep your data safe.