Warning to small businesses as more than 10,000 people hit by AGL energy bill scam


Small businesses have been warned to stay alert for email scams after more than 10,000 people reportedly downloaded malicious software disguised as an energy bill.

Scammers posing as electricity giant AGL have sent out thousands of emails to businesses and individuals asking them to pay overdue bills.

According to AGL, the scam emails tell users they have passed their energy consumption limit and need to pay their bill.

The email “presents as an e-Account”, which prompts customers to download a .zip file containing ‘ransomware’, which locks your computer and demands an $800 payment.

Raymond Schippers, a senior analyst at worldwide cyber security firm Check Point, told Fairfax at least 10,000 people are estimated to have downloaded the malware and were “very likely to have been infected”, although many more people may have been caught out.

AGL said in a statement it would “never send an email asking for personal banking or financial details”.

“Anyone receiving a suspicious email should delete it immediately or, if opened, not click on any links within the email,” the company said.

“AGL advises recipients of any suspicious emails to run antivirus software and block the sender by adding to the junk folder list.”

How to protect your business

Online security expert Michael McKinnon told SmartCompany ransomware is one method scammers use to target small businesses and individual consumers.

“You get a lot of small business people opening .zip files or invoices all the time, and so scammers keep getting away with it,” he says.

McKinnon says the best defence against scams is the “human defence”.

“Keeping awareness of employees as high as possible is the best thing you can do,” he says.

“Be aware not every email you’re going to get will be legitimate. Even the best anti-spam software and filters will still let one or two emails through, and that’s where the human factor to doubt comes in.”

On a technical level, McKinnon says backing up files is the number one defence against ransomware, and is an important step many small businesses don’t take.

“Once you’ve been infected it’s too late, you’ve either got to restore a previous backup, or if you don’t have one you’ve got to pay the ransom,” he says.

“And then you run the risk it still doesn’t give you access.”

McKinnon also recommends keeping a copy of malware-ridden computers backed up in case the decryption codes for the ransomware became available, as has occasionally happened in the past.

AGL advises anyone with concerns over this scam to contact AGL or the Australian Competition and Consumer Commission’s Scamwatch.


Isaac Gnieslaw FCPA
5 years ago

Check the email address the scam has come from. If it is not AGL it is a scam.

5 years ago

Yes, valid point. I cop a lot of this where the username, email address, person’s name and reply email address are all different.
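As an added, defensive illustration of the two checks raised in the comments above (does the sender address actually belong to AGL, and do the display name and reply address disagree) together with the article's .zip "e-Account" lure, here is a small mail-triage function. This is not code from the article or its commenters; the trusted domain list and the sample message are assumed and constructed for the example.

```python
import email
from email import policy
from email.utils import parseaddr

# Constructed sample resembling the lure described in the article (not a real scam email).
SAMPLE_EMAIL = """\
From: AGL Accounts <billing@example-bad-domain.test>
Reply-To: noreply@another-domain.test
Subject: Your AGL e-Account is overdue
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

You have exceeded your energy consumption limit. Download your e-Account to pay.
--b1
Content-Type: application/zip; name="AGL_eAccount.zip"
Content-Disposition: attachment; filename="AGL_eAccount.zip"

UEsDBA==
--b1--
"""

# Assumed legitimate sender domains for the impersonated brand; placeholder value, not from the article.
TRUSTED_DOMAINS = {"agl.com.au"}


def domain_of(header_value):
    """Return the lower-cased domain of an address header, or '' if the header is absent."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def assess_message(raw):
    """Apply the checks discussed on the page to a raw RFC 822 message; return a list of findings."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    sender = domain_of(msg["From"])
    reply_to = domain_of(msg["Reply-To"])
    display_name, _ = parseaddr(msg["From"] or "")
    # Check 1 (comment thread): a brand name in the display name must be backed by the brand's domain.
    if "agl" in display_name.lower() and sender not in TRUSTED_DOMAINS:
        findings.append(f"brand in display name but sender domain is {sender!r}")
    # Check 2 (comment thread): replies routed to a different domain than the apparent sender.
    if reply_to and reply_to != sender:
        findings.append(f"Reply-To domain {reply_to!r} differs from From domain {sender!r}")
    # Check 3 (article): the lure delivered its payload as a .zip 'e-Account' attachment.
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith((".zip", ".js", ".exe", ".scr")):
            findings.append(f"risky attachment {name!r}")
    return findings
```

Running `assess_message(SAMPLE_EMAIL)` on the constructed message returns three findings; a mail filter or help-desk script can quarantine or flag on any of them rather than relying on staff to spot the mismatch.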

5 years ago

And, back up your business data daily. This happened to us last year but with a macro-infected Word doc. Cryptolocker ransomware spread to the server and one other machine. Lost half a day’s trading data and was down for about a day recovering from my robust backup system.

I can’t stress enough how important this is. Most businesses don’t have a robust data backup plan that includes:

- Redundant server drives (RAID 5 is most economical)
- Independent backup repository (i.e. NAS with RAID 1 redundant drives)
- Multiple portable backup discs on USB drives taken offsite and rotated

Ask yourself this question: Will your company survive if you lose all your business data? If the answer is no, and you do nothing to secure it, then you’re a goose.

5 years ago

Oh and Scamwatch is a waste of time. They can’t do anything.