From: Energy Billing System
Subject: Energy Statement
Your latest Energy bill is now available to view online.
Account Number : 0098112546
Bill date: 02/12/2014
Total Amount Due: $524.30
To view your most recent bill, please click here./a>You must log-in to your account
or register for an online account to view your statement.
There are many options to pay your bill. Sign up for the Automatic Payment Plan
to have your payment automatically deducted from your bank or credit card.
Pay electronically online at the Account Center, visit an Authorized Payment Center
or send a check by mail.
Our monthly bill inserts you energy-saving tips, regulatory updates and more.
EMAIL ADDRESS RESPONSIBILITY
To ensure timely receipt of your bill and other communications, copy this e-mail address
into your approved mailing list, so it is not blocked by your protection software.
The scammers responsible for the bogus email hope that at least a few people will think that the message is a genuine notification from their energy provider and click the link without due caution. Others may be panicked into clicking the link because they think that they have been sent an energy bill in error.
Unlike similar malware attacks, this email is deliberately generic. It does not name a particular company nor does it even identify what kind of energy the bill is supposedly for. This absence of identifying features means that busy or less observant recipients may simply assume that the email is from their own provider and follow the link.
Those who do follow the link will be taken to a compromised website that contains malware. If users are tricked into downloading and installing the malware, their computer may be joined up to a botnet. The malware may also download further malware components and harvest sensitive personal information from the infected computer.
Last updated: February 15, 2014