Fake energy bills being used in phishing scam

The Australian Competition and Consumer Commission is warning consumers to watch out for a new phishing email asking you to pay bogus gas or electricity bills.

These emails purport to be from legitimate energy companies and look like the real deal. Scammers may claim you have an amount owing for exceeding your energy consumption limit and that you are eligible to use a discounted energy tariff if you pay the bill now.

The email directs you to click on a link or attachment to view your statement and arrange payment. If you click, your computer may become infected with malicious software that allows scammers to remote access into your computer and watch you entering personal information such as online banking details.

The link takes you to a webpage with all of the hallmarks of an online payment service, including account summary, account number, billing period, due date and instructions for payment. Wire money transfers are a favourite amongst scammers because they are difficult to trace and the funds are almost impossible to recover.

Once scammers have your personal information, they can steal your money or your identity. Reports have also surfaced about scammers approaching consumers via phone, SMS and post.

“Scammers will try every trick in the book to get a hold of your money,” ACCC Deputy Chair Delia Rickard said.

“The ACCC has received over 300 contacts about this scam this year but what is reported is often just the tip of the iceberg.”

“Fortunately, no money has been reported lost to this particular scam but the fraudsters will cast a wide net until someone takes the bait,” Ms Rickard said.

Protect yourself:

  • If you receive an email out of the blue from an energy company requesting money – delete it. Do not click on any links or open any attachments.
  • If you receive an email from your energy company and you are not sure if it is a scam, verify the content by contacting them directly before you open the email.
  • Don’t click ‘reply’. Instead, find their details through an independent source such as a web search – do not use contact details provided in the email. Remember it is better to err on the side of caution.
  • Keep your computer secure by having up-to-date firewall, anti-virus and anti-spyware software. If you think your computer’s security has been compromised, run a virus check, contact your anti-virus software provider or speak to a computer specialist.
  • If you think you have provided your account details to a scammer, contact your bank or financial institution immediately.