MailGuard has detected a new email scam today using fake AGL Energy branding.
Some effort has gone into making this malicious email convincing enough to deceive victims; the design is well executed as you can see in the screenshot above, with sophisticated text and graphical content, that makes it look a lot like a genuine AGL communication.
While the sender address domain in the message ‘aglenergyonline[dot]com’ looks authentic, it is actually a bogus domain registered 2 days ago in China.
The criminals behind this scam are looking to create a sense of urgency in the recipients by using the headline ‘disconnection notice’ and quoting a large sum of money. The message also contains threats about fines for late payment and referral to a debt collection agency. These details are intended to make the recipient of the message feel pressure to act and click on the ‘download your bill’ link.
The link in this email points to a JavaScript malware dropper in a compromised SharePoint folder.
This email attack was prevented from reaching our customer’s inboxes but will be received by a lot of people who are not protected by MailGuard.
Please share this alert with your network to help people avoid being harmed by this scam.
One Email is Enough
All criminals need to break into your business is a cleverly worded email; if they can trick one person in your company into clicking on a malicious link they can gain access to your data.
For a few dollars per staff member per month, you can protect your business with MailGuard's cloud-based email and web filtering security.
Talk to an expert at MailGuard today about making your company's network secure: click here.
Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:
