A round of malware has hit the inboxes of Australians on Wednesday morning posing as Origin Energy bills.
The emails use the subject line “Your Origin electricity bill” and ask for a different amount ranging from $300 to $800 due on 16 May.
To make the emails appear even more legitimate, they include a link to Origin Energy’s real privacy page, which gives tips to customers on how to avoid scams.
Endpoint security firm Mailguard spotted the scam, saying that tens of thousands of emails were distributed at about 8.30am on Wednesday. The emails originated from a fake domain that was registered in China a few days ago called originenergysolar.net. The malware is hosted on a compromised SharePoint account and was sent from a French server.
Of its name being used fraudulently, Origin said scammers often imitated legitimate companies in order to trick victims into opening unsafe emails.
“Some scam emails try to get you to click on links that launch nasty viruses, ready to invade your computer, and the computer of everyone you email, to delete or lock your files,” Origin said.
Last month, Mailguard picked up three other malware scams purporting to be from online accounting software firm MYOB, social services agency myGov and corporate regulator ASIC.