Origin Energy email scam putting users at risk

A “legitimate looking” Origin Energy email scam is circulating in high volume, putting users at risk of malware (a computer virus).

MailGuard CEO Craig McDonald has warned Australians not to click on a convincing fake Origin Energy electricity bill which contains a direct link to malware.

“The well-crafted email uses Origin Energy branding, and uses the subject line “Your Origin electricity bill”, with a due date of May 16,” McDonald said in a release.   

“But those who click the ‘view bill’ button are in for a nasty surprise.”

He said that rather than directing recipients to a replica Origin Energy website, it links to a malware payload  which is designed to install malicious files such as keyloggers to the victim’s system. A keylogger is a type of spyware that can watch and record your keystrokes, including what passwords you enter on a banking website, or any other information you provide online.

The scam email originates from a fake domain registered in China, and was sent from servers located in France. 

Scammers often use imitate legitimate companies to trick victims into opening an email, clicking a link, or making a payment. If you think you may have been scammed, Origin Energy recommends seeking advice from Scam Watch or Stay Smart Online.  

Have you come across this scam or similar?