19 October 2016

Ransomware scam being spread through fake AGL bill: Alert Priority Moderate

Fake electricity bills are being emailed in an attempt to spread ransomware, with reports that a recent scam claims to be from energy provider AGL.The fake email looks like a standard bill, but directs the email recipient to click on a link which takes them to a website designed to install ransomware on the victim’s computer.

Once installed, this ransomware will encrypt the victim’s files and demand payment to decrypt them.

Stay Smart Online warned of

a very similar scam in June this year. The latest emails include a statement which claims that people affected by recent floods and storms may receive assistance.AGL states on its

website it will never send an email asking for personal banking or financial details.‘Anyone receiving a suspicious email should delete it immediately or, if opened, not click on any links within the email,’ AGL says.

‘AGL advises recipients of any suspicious emails to run antivirus software and block the sender by adding to the junk folder list.’

What is ransomware?
Ransomware is a type of malicious software that handicaps computer functionality, for example, through browser hijacking or encrypting personal data, and offers to restore the functionality for a fee, which is a form of extortion.

Recovery of systems that have been infected with ransomware is almost impossible without clean backups, so prevention is always the best approach.

While there have been reports that files are recovered if the ransom is paid, this does not protect your computer against further attacks. The attacker may simply encrypt your files again, and increase the ransom. Further, paying the ransom reinforces the criminal business model. For these reasons, responding to extortion is not encouraged.

More informationStay Smart Online has more information on recognising scam emails, as well as information on protecting against ransomware attacks.

See also the previous Alert on AGL-based ransomware attacks for more information on recovery from a ransomware attack.

The information provided here is of a general nature. Everyone’s circumstances are different. If you require specific advice you should contact your local technical support provider.

Feedback
Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.
Disclaimer
This information has been prepared by Enex TestLab for the Attorney General’s Department (‘the Department’). It was accurate and up to date at the time of publishing.
This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.
The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.
Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.
Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.

CONTACT US
Facebook: www.facebook.com/staysmartonline
Email: staysmartonline@communications.gov.au” style=”text-decoration:underline;”>StaySmartOnline@ag.gov.au
Web: www.staysmartonline.gov.au
You are receiving this message at the address public.notices93894@mysoutherndowns.com.au.
If you no longer wish to receive this information, you can unsubscribe.

 

© 2016 Australian Government. All rights reserved