ARN

Fake of Origin strikes again in new email scam

Energy company impersonated by cyber crooks for second time in a month

As the end of the financial year approaches, malware season has returned to Australia heralded by a new round of fake Origin Energy emails harbouring malware.

In the second such attack in just over a month, cyber criminals are distributing nefarious emails claiming to be from the energy reseller and containing malware.

However, this time the cyber crooks have upped their game significantly as the latest round of emails were hitting inboxes at a rate of nearly 10,000 an hour at its height on the morning of 14 June, according to email filtering company, MailGuard.

The Melbourne-based company said the fraud Origin email is highly realistic and installs malware at the click of a button. It perfectly mimics the branding and billing format of the popular energy provider, MailGuard said.

A sample of the scam email sent by cyber criminals
A sample of the scam email sent by cyber criminals

“Those who click the ‘View bill’ link are at risk of malware infection. The link allows a JavaScript payload file to install itself to auto-run, and attempts to steal private information from internet browsers,” MailGuard CEO Craig MacDonald said.

MacDonald added that these types of attacks tend to spike at traditionally busy times of year, such as Christmas, Easter and end of financial year as people are more likely to be time-poor and less likely to apply their usual scrutiny.

The email has a generic ‘Dear customer’ greeting (this is a warning sign that it shouldn’t be trusted) and warns people not to forget to pay on time, or they’ll risk a $12 late payment fee.

A sample of the scam email sent by cyber criminals
A sample of the scam email sent by cyber criminals

MailGuard said the sending domain was set up yesterday with a registrar based in China.

Google-owned antivirus aggregator VirusTotal, has indicated that at least 65 antivirus vendors are not detecting the link as malicious.

As explained by MacDonald, the latest fake email scam is part of the less sophisticated tier of cyber crime.

While many of the highly publicised data breaches seen in recent years, such as Target and Sony, have included campaigns targeting specific individuals, the vast majority of cyber attacks come in the form of mass phishing email campaigns such as this.

“Email is the new frontier for criminals capable of making money without leaving their house. They can fleece a person they’ve never met – from the other side of the globe,” MacDonald added. “In fact, more than 90 per cent of all cyber attacks begin with a single email.”