Origin Energy malware scam hits Australia

THIS is one bill you can definitely be forgiven for ignoring.

And if you're an Origin Energy customer, you should go over your online bill with a fine-tooth comb because it could be fake.

The energy giant has once again been hit by a new wave of malware attacks, the fourth time in just two months.

Purporting to be from Origin Energy, the malware-laden emails are designed to trick people into clicking on a link that then downloads malicious software.

According to email-filtering company MailGuard, which identified the hoax, a domain registered in Cyprus is understood to be behind the latest incident.

The email distribution began on Monday and reached hundreds of thousands of email addresses, with both Origin and the police warning people not to click on the link.

Origin also tweeted an alert on Monday, warning customers to ignore the email hoax.

The fake emails contain the company's familiar branding but the bill amount and due date vary.

The email reply address is also different from the one Origin Energy uses, which is noreply@originenergy.com.au.
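The sender and link checks described above can be automated at a mail gateway or in a triage script. The following Python sketch is an added example, not code from Origin, MailGuard or the article; the sample message and its `.example` hosts are constructed, and only the genuine domain and the subject line come from the text.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

LEGIT_DOMAIN = "originenergy.com.au"  # domain of the genuine address quoted above

def in_domain(host, domain=LEGIT_DOMAIN):
    """True only for the domain itself or a real subdomain, not a lookalike."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

class LinkHosts(HTMLParser):
    """Collects the hostname of every <a href> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        host = urlsplit(dict(attrs).get("href") or "").hostname if tag == "a" else None
        if host:
            self.hosts.append(host)

def check_bill_email(raw):
    """Return reasons a message claiming to be an Origin bill looks fake."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    for header in ("From", "Reply-To"):
        if msg[header]:
            host = parseaddr(str(msg[header]))[1].rpartition("@")[2]
            if not in_domain(host):
                findings.append(f"{header} domain: {host}")
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            parser = LinkHosts()
            parser.feed(part.get_content())
            findings += [f"link host: {h}" for h in parser.hosts if not in_domain(h)]
    return findings

# Constructed sample message (not a real scam email); .example hosts are placeholders.
SAMPLE = """\
From: Origin Energy <noreply@originenergy.com.au>
Reply-To: billing@originenergy.com.au.bills.example
Subject: Your Origin electricity bill
Content-Type: text/html; charset="utf-8"

<a href="http://view-bill.example/statement">View bill</a>
<a href="https://www.originenergy.com.au/help">Help</a>
"""
```

An empty result is not proof that a message is genuine, because the From header can be forged; the check complements SPF, DKIM and DMARC results rather than replacing them.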

An Origin spokesman told news.com.au this malware incident was part of an ongoing threat and warned customers to remain aware and vigilant.


It was not known how many people had been affected.

"We're doing what we can to inform our customers and communities about how to spot fake bills, and what to do if they've received one," the spokesman said.

"We're asking customers to consider when they last paid their account and to look closely at the sender, contact details and any links contained in the email."

He advised anyone who has received one not to click on any links but instead to delete the email and report it to the ACCC's Scamwatch service.

"Origin customers can always ring us or log in to their account to verify their billing status," he said.

The spokesman also stressed no personal data had been compromised.

In May, tens of thousands of Australians were targeted by a hoax Origin Energy email loaded with dangerous malware.

Like the latest hoax, the May email was titled "Your Origin electricity bill", and encouraged users to click to view their statement.

Recipients were then directed to a malware payload in the form of a JavaScript dropper that installed malicious files on the user's system.

That scam email originated from a fake domain registered in China and was sent from servers in France.