Go to top of page

Malicious emails impersonate Origin Energy

Priority Level: 
21 July 2017

Several media outlets have reported that a new scam email campaign impersonating Origin Energy has been targeting Australians this week.

What to do now

If you think you have received one of these deceptive emails, do not open it and do not click on the orange ā€˜View bill' button.

Delete the email and if you are in any way unsure contact Origin Energy using the contact details from their website.


According to security company MailGuard, who wrote about the malicious emails on their blog, they appear to be bills from Origin Energy and feature the utility company's distinctive branding. These fake bills also feature variable amounts and due dates and attempt to run a malicious script when clicked on.

These emails are well-crafted and appear convincing, possibly making them more likely to persuade well-meaning Origin customers to follow their instructions.

If you did click on the button and you think you may have downloaded the malicious script, run a full scan of your computer using your anti-virus software and consider restoring your computer and its precious data from backup. Learn more about restoring your data and what to do if you've been a victim of malicious software.

Origin Energy confirmed that they were also aware of these emails via their Twitter account.

Staying safe

Origin Energy provides detailed information on their website on how to tell a real Origin message from a fake one and what to do if you think you've received a fake one.

Stay Smart Online also provides information on how to protect yourself when using email but generally, don't open or click on links in email from people or organisations you don't know or are not expecting, and use a spam filter and anti-virus software to protect yourself from being exposed to deceptive and malicious messages.

More information

Stay Smart Online has more information on phishing, malware and online scams ā€“ including steps you can take if you think you've been scammed and how you can protect yourself from these threats online.

The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.