A destructive scam email that infects computers and holds them hostage has successfully targeted at least 10,000 Australians since it was detected this week.
The scam email presents as an e-account and asks readers to click on a link. It then saves a .zip file on the computer that locks the machine down using malware known as “ransomware”.
The recipient is prompted to pay more than $800 to unlock it.
Raymond Schippers, a senior analyst at global cybersecurity firm Check Point, said once the file has downloaded ransomware such as Torrentlocker or Cryptolocker – sometimes spelled with 0 in place of o – the only way to get rid of it is to restore from a backup or to wipe the computer and start over again.
The fake AGL email has successfully infiltrated companies across Australia. It aims to get users to install the file at their work, where it could then cause widespread damage by gaining access to legitimate corporate emails which could be used to send the scam on.
“It’s across pretty much all kinds of sectors, from other utilities to education to finance, mining and resources, so it’s widespread throughout Australia,” Mr Schippers said.
The website used URLs such as “checkyourbills.com” or “electricitybill.com” and would look legitimate to most users, he said.
However, there were several things that could tip off AGL customers that the email is fake.When a recipient attempts to open it on their phone or on a Mac computer, it gives an error message and says to use a Windows computer, and the .zip file type is also suspicious.
AGL has acknowledged the scam, which it says “contains malicious malware that has potential to access personal information”.
AGL has reported the scam email to the Scamwatch, the Australian Competition and Consumer Commission (ACCC), and the Australian Federal Police.
The company said any customers who think they have received the email should delete it immediately, run antivirus software and add the sender to their junk email list.