Warning: Think twice before you pay this bill

Posted by Jaclyn McRae on 25 July 2017 15:07:45 AEST

A huge flood of fake energy invoices is today hitting Australian inboxes.

Designed to mimic EnergyAustralia’s online bills, they aim to trick people into downloading malware with a click of the ‘View bill’ button.

The email looks realistic but hints that it’s a hoax include the misspelling of ‘July’ and the sending domain: “syrenergy.com”. Real invoices from the company are sent from  noreply@billing.energyaustraliaonline.com.au.

The scam prompted a warning from EnergyAustralia for customers to exercise caution.

“Scam emails such as this one can appear very convincing and customers should take care with any email that requests them to click a link,” the company has advised.

“EnergyAustralia’s electronic bills to residential customers are sent from noreply@billing.energyaustraliaonline.com.au. If you receive an email from a different address that says it relates to your EnergyAustralia bill, please do not open it or click any links it contains.”

About the hoax invoice

View your EnergyAustralia Electricity bill - Mozilla Thunderbird_048-1.png

Different dates and payment amounts are used on each version in a practice is known content spinning. This means invoices with an August due date mightn’t look suspicious on the surface.

The ‘view bill’ button links to a .zip file containing malicious JavaScript. It appears the aim of the malicious payload is to:

  • Delay the analysis task by a long amount of time.
  • Steal private information from local Internet browsers
  • Install itself for autorun at Windows startup.

It was intercepted before hitting the inboxes of any MailGuard customer.

MailGuard thwarted a similar attempt to impersonate EnergyAustralia on June 20: http://www.mailguard.com.au/blog/dont-be-tempted-to-click-fake-energyaustralia-invoice.

For a few dollars per staff member per month, add MailGuard's cloud-based email and web security to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.

Keep Informed with Weekly Updates


^ Back to Top

Topics: Malware email scam Cybersecurity cybercrime Survivingcybercrime hoax email Fake energy invoice EnergyAustralia

Back to Blog


    Something Powerful

    Tell The Reader More

    The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


    • Bullets are great
    • For spelling out benefits and
    • Turning visitors into leads.

    Recent Posts

    Posts by Topic

    see all