MailGuard has detected a new email scam using fake bill notifications from Click Energy.
This message should be relatively easy to spot for the observant scam skeptic. It is very plainly formatted and doesn’t include any graphical elements such as Click’s logo.
The screenshot above shows the poorly designed appearance of the scam emails.
The message shows the sender display name ‘click team’ but the message actually originates from compromised MailChimp account addresses.
The recipient is addressed with the generic greeting ‘dear valued customer.’
The message asks the recipient to click on a link to open an attachment. The link supposedly opens a billing document but in reality, it points to a JavaScript malware file.
Opening the file linked to this message would allow harmful software to be installed on your computer. JavaScript malware can covertly activate spyware, ransomware and trojans.