Published on:

10 June 2016


Rachael Adams

AGL Scam Carrying Crypto Ransomware Torrentlocker Hits Aus Inboxes


AGL Energy (AGL) is warning people of an AGL branded email scam which contains malicious malware that has potential to access personal information.

The scam presents as an e-Account and asks readers to click on a link.

AGL advises it will never send an email asking for personal banking or financial details.

AGL has reported the scam to numerous authorities including ScamWatch, the ACCC and the AFP.

Anyone who receives a suspicious email should delete it immediately, or if opened, not click on any links.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_empty_space height=”34px”][/vc_column][/vc_row][vc_row][vc_column][dt_fancy_separator separator_style=”dashed”][/vc_column][/vc_row][vc_row][vc_column][vc_empty_space height=”24px”][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]Here is a sample of the AGL email which has many variations:[/vc_column_text][vc_single_image image=”4305″ img_size=”full” image_hovers=”false”][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]The scam email appears to be from AGL, advising the recipient of their current bill. The email is personalised for each recipient and provides a link for the recipient to view their electricity bill online.

Here is a sample of the first page recipients are directed to: [/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_single_image image=”4306″ img_size=”full” image_hovers=”false”][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]The landing page asks the user to enter in a ‘Captcha’ code. Once completed, the page downloads a .zip file containing a Javascript dropper. The dropper when executed then downloads Torrentlocker from a remote location.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_single_image image=”4308″ img_size=”full” image_hovers=”false”][/vc_column][/vc_row][vc_row][vc_column][vc_empty_space height=”34px”][/vc_column][/vc_row][vc_row][vc_column][dt_fancy_separator separator_style=”dashed”][/vc_column][/vc_row][vc_row][vc_column][vc_empty_space height=”24px”][/vc_column][/vc_row][vc_row][vc_column][dt_vc_list style=”2″ dividers=”false”]

How can I protect myself from email scams?

To reduce the risk, you should be suspicious of and immediately delete any email that:

  • Instructs you to download a file or click on a link to access your account or other information
  • Is purporting to be from a business you know and trust, yet the language is not consistent with the way they usually write (and may contain multiple grammatical errors)
  • Asks you to click on a link to access their website. If unsure call the company directly to confirm whether the email is legitimate

[/dt_vc_list][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]If unsure, do not click links or download files contained within the email and contact the purported sender directly to verify the authenticity of the email. Furthermore ensure that you keep your IT department ( or 1300 033 300) aware that you have been receiving these emails to ensure the problem is adequately addressed.[/vc_column_text][/vc_column][/vc_row]

Leave a Reply

Your email address will not be published. Required fields are marked *