Jaclyn McRae 17 July 2017 11:24:27 AEST 2 MIN READ

A new week, a new Origin Energy invoice scam

Utilities company Origin Energy has had its brand hijacked in a large-scale malware scam for the fourth time in two months.

Utilities company Origin Energy has had its brand hijacked in a large-scale malware scam for the fourth time in two months.

A domain was registered in Cyprus yesterday to perpetrate the fake-invoice hoax, which is designed to trick people into clicking a link that downloads malicious software to their system.

The malicious email began distribution en masse at 8.40am today. It is continuing to flood inboxes in huge numbers.

Your Origin electricity bill MailGuard July 17.png

Like the other scams leveraging Origin Energy in the past two months, today’s email is well-formatted and contains the energy company’s distinctive orange branding.

In a common method to avoid spam filters, the senders have varied the dollar figure and due date.

But in some instances they slip up by including a due date that has already passed, which conflicts with this warning in the email text: “PS: Don’t forget to pay by the due date, or you may have to pay a $12 late payment fee.”

What to watch for

Here’s how to tell if you’ve received a fake invoice:

  • Subject line: Your Origin electricity bill
  • Display name: OriginEnergy
  • Display (and sending address): noreply@energy2u .info
  • An orange button with the words ‘View bill’. Clicking the link triggers the download of a .zip file that contains malicious JavaScript

Opening Origin_electricity_bill.zip MailGuard July 17.png

Origin_electricity_bill.zip MailGuard July 17.png

Other recent Origin Energy email scams

May 10: Warning: Malware just one click away in Origin Energy email scam

June 14: Scammers ramp up EOFY attacks with new Origin malware blast

June 22: Scam avalanche continues: Origin Energy attack one of largest seen

Tips from Origin Energy on detecting scams

Origin Energy says scammers often mimic legitimate companies to trick people into opening an email, clicking on a link or even making a payment.

“Some scam emails try to get you to click on links that launch nasty viruses, ready to invade your computer, and the computer of everyone you email, to delete or lock your files.”

The company recommends seeking advice from www.scamwatch.gov.au or www.staysmartonline.gov.au if you think you’ve been scammed.

For a few dollars per staff member per month, add MailGuard's cloud-based email and web security to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.

Keep Informed with Weekly Updates


^ Back to Top