A large-scale email scam imitating Energy Australia was intercepted by MailGuard this morning.
These emails are well-designed fakes that look very similar to actual Energy Australia messages - see screenshot above.
Although the ‘sender’ display name on these emails is ‘EnergyAustralia,’ the actual sending domain is australianenergysolutions[dot]com, a new domain that was registered yesterday in China.
This fake bill notification email links to a zipped file containing malware in JavaScript format - see screenshot below:

MailGuard has successfully protected our customers from receiving these emails, but they will be landing in unprotected inboxes, so please keep an eye out.
Link-to-payload emails of this type can cause serious harm. The JavaScript files linked from the message may contain spyware, ransomware, or viruses.
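The two signals described above, a brand display name on a non-brand sending domain and a link to a zipped or script file, can be checked mechanically. The following is an added example, not MailGuard's code: the brand allowlist (energyaustralia.com.au), the function names and the sample message (local part, subject, link host) are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: brand display names mapped to domains the brand really sends from.
BRAND_DOMAINS = {"energyaustralia": {"energyaustralia.com.au"}}
RISKY_SUFFIXES = (".zip", ".js")

# Constructed sample. The sender domain is the one reported on this page
# (refanged for parsing); local part, subject and link host are made up.
SENDER = "australianenergysolutions[dot]com".replace("[dot]", ".")
SAMPLE = (
    f'From: "EnergyAustralia" <noreply@{SENDER}>\n'
    "To: customer@example.com\n"
    "Subject: Your electricity bill\n"
    "Content-Type: text/plain\n"
    "\n"
    "View your bill: http://downloads.example.test/bill/invoice.zip\n"
)

def _in_domain(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)

def check_message(raw):
    """Return a list of findings for one RFC 5322 message given as a string."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    # Normalise the display name so "Energy Australia" matches "EnergyAustralia".
    allowed = BRAND_DOMAINS.get(re.sub(r"[^a-z0-9]", "", display.lower()))
    findings = []
    if allowed and not any(_in_domain(sender_domain, d) for d in allowed):
        findings.append(f"display name '{display}' sent from {sender_domain}")
    body = "".join(
        part.get_payload(decode=True).decode(errors="replace")
        for part in msg.walk() if part.get_content_maintype() == "text"
    )
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        parsed = urlparse(url)
        host = (parsed.hostname or "").lower()
        if parsed.path.lower().endswith(RISKY_SUFFIXES):
            findings.append(f"link to archive or script: {host}{parsed.path}")
        if allowed and not any(_in_domain(host, d) for d in allowed):
            findings.append(f"link host outside brand domains: {host}")
    return findings

if __name__ == "__main__":
    print("\n".join(check_message(SAMPLE)))
```

A message that trips none of the checks returns an empty list; the allowlist needs an entry for each brand you want covered.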
Protect Your Inbox
- Always hover your mouse over links within emails and check the domain they’re pointing to. If they look suspicious or unfamiliar, don’t open them.
- 9 out of 10 cyber-attacks are delivered via email, so it's essential to have the best email filtering in place to protect your systems. For a few dollars per staff member per month, you can have the peace of mind of MailGuard's comprehensive cloud-based email and web filtering. You’ll significantly reduce the risk of zero-day (previously unknown) threats and stop new variants of malicious email from entering your network.
- Keep up to date on the latest scams by subscribing to MailGuard updates or following us on social media. If you’re experiencing problems, you can speak to a cloud security specialist on 1300 30 44 30.