“AGL Energy” malware

A number of sources in the media are reporting a bogus email purporting to come from AGL Energy that contains malware. This malware typically installs some type of ransomware on your computer that will encrypt all the data files that it has access to (including network shares) and demand a ransom before they [promise to] unlock them.

It's been reported that this has affected over 10,000 Australians in a week. Here are some links for more information:

smh.com.au

heraldsun.com.au

www.yourlifechoices.com.au

So "I guess", be on the lookout for this one however that's in some ways a bad approach. Being on the lookout for an AGL email when the same thing has been coming from emails purporting to be from Australia post, DHL, Telstra and others for some time now isn't very effective. A better approach is to be careful with ALL emails and have the proper prevention and mitigation strategies in place. 

Here are three things you can do as a starting point: 

• DON'T BE AN ADMINISTRATOR ON YOUR OWN COMPUTER (I may have mentioned that before)
• Have good backups in pace that are isolated from the system (a single USB drive plugged in to the system isn't adequate)
• Be thoughtful and careful with what you open or what links you follow, if it doubt don't open it 

Bonus point: 

• Have a really good quality antispam service that will; 

1. Identify most bogus messages as being not legitimately from the company in question 
2. Prevent casual access to suspect emails, suspect emails should be quarantined by default 

(for your information I can recommend that dedicated antispam product for about $3.50 per user per month)

This blog post has been provided for the benefit of digitalwelcomemat IT customers. Treat this information as informative only and do not take actions or make decisions on the basis of the information contained here. All IT decisions and actions should be made after consultation with your chosen IT professional taking into account all the of the relevant factors.