Thousands of Australians were targeted by a ransomware email attack masked as an energy bill…
AGL Energy provides services throughout the continent of Australia, which from a hackers perspective could be a potential gold mine. Turns out, they could be right. Thousands of fraudulent emails were sent out masked as AGL Energy bills. This email included a .zip file which once extracted locks the PC down until a ransom of $A880 ($650USD) is paid.
This email successfully infiltrated multiple companies throughout the continent, and now has access to corporate emails which opens doors to additional phishing attacks. CheckPoint has confirmed that roughly 10,000 of these emails have been downloaded, meaning 10,000 ransomware infections.
A senior analyst for the global security firm, CheckPoint, made the following statement to the Sydney Morning Herald:
“Even if the ransom is paid, the malware will continue to monitor the computer, recording keystrokes and mouse movements.”
If you receive an email from AGL Energy with a .zip file attached, you should delete it immediately. If you have already found yourself infected with the ransomware you should do the following:
- Check for backups
- Consult with an IT professional to see what data is recoverable
- Restore the PC using backups or set it back to factory-mode