Back

Published on:

10 June 2016

Author:

Rachael Adams

AGL Scam Carrying Crypto Ransomware Torrentlocker Hits Aus Inboxes

AGL Energy (AGL) is warning people of an AGL branded email scam which contains malicious malware that has potential to access personal information.

The scam presents as an e-Account and asks readers to click on a link.

AGL advises it will never send an email asking for personal banking or financial details.

AGL has reported the scam to numerous authorities including ScamWatch, the ACCC and the AFP.

Anyone who receives a suspicious email should delete it immediately, or if opened, not click on any links. The scam email appears to be from AGL, advising the recipient of their current bill. The email is personalised for each recipient and provides a link for the recipient to view their electricity bill online.

]The landing page asks the user to enter in a ‘Captcha’ code. Once completed, the page downloads a .zip file containing a Javascript dropper. The dropper when executed then downloads Torrentlocker from a remote location.

How can I protect myself from email scams?

To reduce the risk, you should be suspicious of and immediately delete any email that:

  • Instructs you to download a file or click on a link to access your account or other information
  • Is purporting to be from a business you know and trust, yet the language is not consistent with the way they usually write (and may contain multiple grammatical errors)
  • Asks you to click on a link to access their website. If unsure call the company directly to confirm whether the email is legitimate

If unsure, do not click links or download files contained within the email and contact the purported sender directly to verify the authenticity of the email. Furthermore ensure that you keep your IT department aware that you have been receiving these emails to ensure the problem is adequately addressed.