A fresh malware-dropping email scam has hit inboxes this week, trying to catch out Energy Australia customers. It looks like the image below:
The email is well designed and closely resembles a genuine one, appearing to be an invoice from the company asking recipients to pay a significant amount, around $500-700. However, instead of trying to get users’ banking details or scam funds from recipients, the cyber-criminals attempted to drop malware onto users’ systems.
On clicking the “view bill” button, users are directed to a fake Energy Australia website, which was reportedly registered especially for this scam and is relatively similar to the actual Energy Australia website. The fake website is ‘energyau[dot]com’, whereas the real website is energyaustralia[dot]com.au.
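A mail filter or triage script can catch this kind of lookalike link by comparing each link's host with the real domain. The following is an added example, not part of the original article; the function names, the two thresholds and the sample URLs (apart from the two domains named above) are assumptions constructed for illustration.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

LEGIT_DOMAIN = "energyaustralia.com.au"  # real site, as named in the article
BRAND = LEGIT_DOMAIN.split(".")[0]       # "energyaustralia"
MIN_PREFIX = 8    # assumed: shared leading chars, longer than the generic "energy"
MIN_RATIO = 0.8   # assumed: overall similarity that still counts as a typo-squat


def hostname(url):
    """Return the lower-cased host of a URL, accepting defanged '[dot]' input."""
    url = url.replace("[dot]", ".")
    if "://" not in url:
        url = "//" + url.lstrip("/")  # let urlsplit treat a bare host as a netloc
    return (urlsplit(url).hostname or "").rstrip(".").lower()


def looks_like_brand(label):
    """True if one DNS label imitates the brand by truncation or small typos."""
    prefix = 0
    for a, b in zip(label, BRAND):
        if a != b:
            break
        prefix += 1
    similar = SequenceMatcher(None, label, BRAND).ratio() >= MIN_RATIO
    return prefix >= MIN_PREFIX or similar


def classify_link(url):
    """Classify a link as 'legitimate', 'lookalike', 'unrelated' or 'unparseable'."""
    host = hostname(url)
    if not host:
        return "unparseable"
    # Only the real domain and its subdomains are trusted.
    if host == LEGIT_DOMAIN or host.endswith("." + LEGIT_DOMAIN):
        return "legitimate"
    # Any other host that carries a brand-like label is treated as an imitation.
    if any(looks_like_brand(lbl.replace("-", "")) for lbl in host.split(".")):
        return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    # Constructed sample links; only the two domains come from the article.
    for link in ("https://www.energyaustralia.com.au/bill",
                 "http://energyau[dot]com/view-bill",
                 "https://energyaustralia.com.au.billing.example/pay",
                 "https://energyaustralia.com.au@energyau[dot]com/"):
        print(f"{classify_link(link):<11} {link}")
```

The last two samples show why the comparison is made on the parsed host rather than on the raw URL text: a real domain placed in a subdomain position or before an `@` does not make the link legitimate.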
In a statement, Energy Australia warned its customers to be vigilant with email scams like this one, with a spokesperson saying such emails “can appear very convincing and customers should take care with any email that requests them to click a link”.
“One indicator of potential scam emails is the sender. EnergyAustralia’s electronic bills to residential customers are sent from firstname.lastname@example.org. If you receive an email from a different address that says it relates to your EnergyAustralia bill, please do not open it or click any links it contains,” the spokesperson said.
The company also advised users to report the fake email to the Australian Competition and Consumer Commission’s ScamWatch, and then delete the email from their inbox.