‘Don’t click’: AGL warns about email hoax
IF YOU'RE a customer of energy provider AGL, make sure you look at your bill very closely.
The energy retailer has warned about an email scam targeting Australians that tries to pass itself off as a legitimate bill from the company.
AGL Energy took to social media at 11.50am today to warn customers of the hoax.
"We have received reports of hoax emails in circulation with the subject line 'AGL electricity bill' falsely claiming to be from AGL," the company said.
These scams are often phishing attacks that try to get unwitting victims to click a link and download malicious software onto their device, giving the attacker access to their computer or personal information.
Others might simply try to get victims to make an illegitimate payment for a fake outstanding bill.
To make sure you don't get caught out, take a careful look at the email address the bill is sent from. If it's fake, it will have a slight difference to the official AGL address.
Do the same for any links in the email by hovering your cursor over the link rather than clicking. If anything look suspicious, don't click and contact the company.
According to AGL, a legitimate bill from the company will contain your supply address and account number in the email body.
"If it does not contain these details, it may be a hoax email," the company says.
A notice on the AGL Facebook page is pointing customers towards its Stay Safe Online page.
"If you have received a hoax email, please delete it. Do not click on any links or content from the email," the page says, regarding the latest scam.
"If you have clicked on the link and submitted your personal details, please login to these accounts and reset your password straight away and run a comprehensive Anti-Virus Scan."
Scams like this are not uncommon and they often seek to masquerade as bills or emails from familiar companies like banks, telco providers and energy companies.
In 2016, an email scam that appeared to be an AGL bill tricked users into downloading ransomware that infected their computers and essentially held them hostage. It successfully targeted at least 10,000 Australians before it was detected, claimed one cybersecurity analyst at the time.
Our sister paper news.com.au contacted AGL but the company declined to comment at the time.