Energy Bill Spam Campaign Serves Up New Crypto Malware

Everyone hates getting bills, and with each new one it seems like the amount due just keeps getting higher and higher. However, Symantec recently discovered an energy bill currently being emailed to people that will hit more than just your bank account.

A recent spam campaign sending out emails masquerading as an Australian energy company is serving up the Cryptolocker malware…or at least that’s what the spammers want you to think. Once users become infected, they are told they are infected with Cryptolocker (Trojan.Cryptolocker) however, upon further research, Symantec discovered that the malware is not related to the original Cryptolocker virus and is merely a copycat attempting to cash in on the hype and infamy of Cryptolocker.

Energy bill gives users a shock
This particular spam campaign requires a lot of work from the victim to work but once it does, the user’s files will be encrypted and all the spammers have to do is wait for their ransom payment.

To infect users with the crypto malware, the spammers use a fake bill to lure recipients to a malicious website; however, the malware is not hosted here and it is just an evasive manoeuvre to evade any link-following technologies.