Hot on the heels of yesterday's news on fake MYOB invoices, comes news that an estimated one in four Australian businesses have just been hit by a massive malware attack disguised as an Origin Energy electricity bill.
The authentic looking bills have a prominent "View bill" link that, when clicked, goes to a website which downloads a compressed file containing malware.
If opened, software in the file installs itself on the computer and logs users’ data and keystrokes in an attempt to capture sensitive details such as credit card information or website logins.
Email security company MailGuard, said the attack began around midday Wednesday and continued until late evening. It is not associated with Origin Energy and is believed to have originated from China.
One of the giveaways that the email is fraudulent is the sender’s address, firstname.lastname@example.org which is not associated with Origin Energy.
The timing of the attack, close to end of financial year, is one of the busiest periods for SMEs. It's likely deliberately targeted time-poor employees or business owners who may just click on the email without a second thought.
MailGuard has seen a 400% increase in the number of fraudulent emails sent over the past two weeks, and in this week alone there have been three significant scam attempts picked up by the company.
A number of recent attacks used Energy Australia and Origin Energy fraudulent emails, probably taking advantage of energy price increases announcements by both companies.
MailGuard chief executive Craig McDonald, said a lot of social engineering went into these attacks, and the correlation with the price increase announcements is the same idea. The scammers aim to trick users, and trickery is achieved by deception and distraction.
“Criminals will be looking at any major announcements that get in the media, and they’re looking for anything that would help them be successful in their campaign," he said.
McDonald believes it’s time for businesses to acknowledge the scammers behind these attacks are “professionals”, and email attacks like these will only continue in both scale and complexity.
“It’s not about looking at the email’s grammar or spelling anymore, there’s an ever-increasing level of sophistication and attention to detail. This is how these scammers make a living,” he said.
“Protecting yourself is not as easy as it used to be.”
The most poignant advice McDonald can provide to SMEs is to “take your time”, suggesting that companies pick up the phone and call companies if any suspicious or unexpected bill arrives in their inboxes.
He also suggests that it's time for business owners to get serious about educating themselves and their staff.
“There’s always a human element to these things, and some staff or business owners will inevitably get tricked. It’s time for SMEs to get on top of that and get a basic understanding of these scams,” McDonald said.
“Having antivirus isn’t enough anymore, because all it takes is one member of your staff to click on something and jeopardise your system.”
Origin Energy provides the following advice:
If you think you’ve received a scam email - close it and contact us - 13 24 61 or via Facebook Messenger. Delete it immediately.
Click on links
Forward the email