Australian based energy company AGL is warning customers to watch for fake bill emails that contain links to a malicious website.
The fraudulent emails feature AGL logos and formatting and may closely resemble the genuine bill notifications that the company sends to customers.
According to a report about the threat on the MailGuard blog, most links in the scam messages open the genuine AGL website. However, the “Download Bill” opens a compromised website that prompts users to download a .zip file. This .zip file does not contain an AGL bill as users might expect. Instead, opening the contents of the .zip file can install malware on your computer.
A warning about the scam on the AGL website notes that all legitimate AGL electricity bills will include your supply address and account number in the email body.
If you receive one of these bogus bill emails, do not click any links or open any attachments that it contains.