© Depositphotos.com/ maxkabakov
Subject: Gas and Electric Usage Statement
Account No: 138475201-6
PG & E ENERGY STATEMENT
Statement Date: 01/10/2014
Due Date: 02/01/2014
Your Account Summary
Amount Due on Previous Statement
Payment(s) Recieved Since Last Statement
Previous Unpaid Balance
Current Electric Charges
Current Gas Charges
49.20 To view your most recent statement, please click here You must log-in to your account or register for an online account to view your statement.
Total Amount Due BY 02/01/2014 $559.7
The emails are not from PG & E as claimed. Clicking the link in the emails takes users to a compromised website that contains the Kuluoz malware. Kuluoz can add the infected computer to the Asprox botnet. It may also download and install further malware.
Subject lines in the emails may vary. While some may have the subject line shown in the above example, others may have the subject "Delivery Canceling". Other details in the emails may also vary in different versions.
This campaign is very similar to another recent malware attack that claimed that the recipient's Atmos energy bill could be viewed by clicking a link. Again, the link opened a website that contained Kuluoz.If you receive one of these emails, do not click on any links or open any attachments that it may contain.
Last updated: January 14, 2014