Bogus Simple Energy Bill Emails Contain Macro Malware
'eBill' notification emails purporting to be from electricity and gas retailer Simple Energy are currently hitting inboxes. The emails, which feature the Simple Energy logo and formatting, contain a 'bill summary' and claim that you can find your latest gas bill in an attached file. Payment and account links in the emails open pages on the genuine Simple Energy website.
However, the emails are not from Simple Energy and the attachment does not contain a gas bill.
Instead, opening the attachment can trick you into allowing malware to infect your system.
Because the attachment is a seemingly innocuous Microsoft Word (.doc) file, you may be inclined to open it without realising the risk. If you do open the attachment, a popup message will claim that you need to enable macros before the file can be viewed correctly.
But, enabling macros as requested will allow a malicious macro to run. The macro can download and install other malware components. Typically, such malware can steal information such as banking passwords, download even more malware, and allow criminals to use the infected computer for their own purposes.
For those that may not be aware, a 'macro' in this context is a set of instructions that can act as a single command in order to automatically accomplish a task. Macros can save time by making repetitive tasks easier to carry out. Microsoft Office programs and other types of software allow you to create your own macros as required to aid your workflow.
However, macros can also be used maliciously. In the past, macro virus threats were common. Thankfully, later versions of Microsoft Office disabled macros by default thereby lessening the threat posed by macro viruses. But, online criminals are again using macros to trick people into installing malware. Unless you have a specific need to use macros and are aware of the potential risks, you would be wise to leave macros disabled.
If you receive one of these fake Simple Energy bills, do not open any attachments that it contains and do not click any links in the message. Note also that fake energy bill emails have been used in several earlier campaigns to distribute malware.
Last updated: October 29, 2015
First published: October 29, 2015
By Brett M. Christensen
Macro Virus Threat Returns - Beware Emails With Malicious Word Attachments
'Energy Statement' Malware Email
'Your Atmos Energy Bill is Available' Malware Email