‘eBill’ notification emails purporting to be from electricity and gas retailer Simple Energy are currently hitting inboxes. The emails, which feature the Simple Energy logo and formatting, contain a ‘bill summary’ and claim that you can find your latest gas bill in an attached file.
Payment and account links in the emails open pages on the genuine Simple Energy website.
However, the emails are not from Simple Energy and the attachment does not contain a gas bill.
Instead, opening the attachment can trick you into allowing malware to infect your system.
Because the attachment is a seemingly innocuous Microsoft Word (.doc) file, you may be inclined to open it without realising the risk. If you do open the attachment, a popup message will claim that you need to enable macros before the file can be viewed correctly.
But, enabling macros as requested will allow a malicious macro to run. The macro can download and install other malware components. Typically, such malware can steal information such as banking passwords, download even more malware, and allow criminals to use the infected computer for their own purposes.
For those that may not be aware, a ‘macro’ in this context is a set of instructions that can act as a single command in order to automatically accomplish a task. Macros can save time by making repetitive tasks easier to carry out. Microsoft Office programs and other types of software allow you to create your own macros as required to aid your workflow.
To enhance your privacy and security and offer you a better user experience, Hoax-Slayer is now completely ad-free! Can you help us stay online?
If you receive one of these fake Simple Energy bills, do not open any attachments that it contains and do not click any links in the message. Note also that fake energy bill emails have been used in several earlier campaigns to distribute malware.
Since you’ve read this far……can I ask you for a big favour?
To enhance your privacy and security and offer you a better user experience, Hoax-Slayer is now completely ad-free. To keep the site online, I rely on voluntary contributions from site visitors.
If you found the above report useful, please consider supporting Hoax-Slayer by making a donation. Any amount you can give will be greatly appreciated.
You can donate using your credit card via the form below. Donations are collected securely via the online payment service Stripe. Stripe uses state of the art security to keep your data safe.