Warning! JavaScript is turned off or disabled! Some features on this website will not work.
« »
»
Advertisements

Your Atmos Energy Bill is Available Online – Virus Email

2014-09-09T21:09:18  +
Your Atmos Energy Bill is Available Online – Virus Email

The email message below: "Your Atmos Energy Bill is Available online," has a link to a virus or Trojan horse that will infect your Windows computer if you open it. The email message was not sent by US natural gas provider Atmos and was designed to trick the recipients into downloading and opening a malicious Trojan horse file disguised as a Microsoft Word Atmos Energy bill.

Please continue reading below.

Advertisements

The “Your Atmos Energy Bill is Available Online” Virus Email

Subject: Your Atmos Energy Bill is Available online
Your latest Atmos Energy bill is now available to view online.

Click here to find out why natural gas is the best choice for clean and responsible energy use.

Account Number : 1233080900
Bill date: 01/02/2014
Current Charges: $15.70
Total Amount Due: $15.70
Payment Due Date: Due upon receipt
Past Due Date: 01/25/13

To view your most recent bill, please click here. You must log-in to your account or register for an online account to view your statement.

There are many options to pay your bill. Sign up for the Automatic Payment Plan to have your payment automatically deducted from your bank or credit card. Pay electronically online at the Account Center, visit an Authorized

Payment Center or send a check by mail.

Our monthly bill inserts keep you current on natural gas safety information, energy-saving tips, regulatory updates and more. Click here to view the monthly inserts.

Atmos Energy appreciates your business.

EMAIL ADDRESS RESPONSIBILITY

It is the customers responsibility to pay the Atmos Energy bill and to inform Atmos Energy of any address changes (email or street address) so the bill can be delivered promptly.to ensure timely receipt of your bill and other communications, copy this e-mail address into

your approved mailing list, so it is not blocked by your protection software. Atmos Energy respects your e-mail privacy and does not sell or share your address with others.
------

This message was designed to trick the recipients into downloading a malicious file (Trojan horse), by claiming that they can click the links in it to view their recent Atmos bill or find out why natural gas is the best choice for clean and responsible energy use.

If you click anyone of the links, you will be taken to a compromised website that will download a Trojan horse file disguised as a Microsoft Word document Atmos bill to your computer.

The file is NOT an Atmos bill, but Zip or compressed file, which contains one of the Windows malicious executable files:

  • AtmosBill_Your_City_Here.exe
  • AtmosBill_Sequim_98382.exe

When we scanned these files, the following threats were detected:

  • Gen:Variant.Graftor.126406
  • TR/Graftor.126406
  • Gen:Variant.Graftor.126406
  • a variant of Win32/Kryptik.BSGQ
  • Gen:Variant.Graftor.126406 (B)
  • W32/Kryptik.BSGQ!tr
  • Trojan.Win32.Meredrop
  • Backdoor.Win32.Androm.bksn
  • Gen:Variant.Graftor.126406
  • TrojanDownloader:Win32/Kuluoz.D
  • PE:Malware.FakeDOC@CV!1.9C3C

Once your computer has become infected with this malicious Trojan horse delivered by the Asprox/Kuluoz botnet, the cybercriminals behind this email message will be able to access and take control of your computer remotely from anywhere around the world. They may spy on you, use your computer to commit cybercrimes, or steal your personal and financial information.

Now, if you have already opened the malicious Atmos bill, please do a full scan of your computer with the antivirus software installed on it.

If you don’t have antivirus software installed on your computer, please click here for a list of free antivirus software.

Never open an attachment that has a name ending with “.exe”, because these are computer programs that can infect your computer with a virus or some other malware.

Click here for a list of email attachments you should never open, regardless of where they came from.

Please continue reading below.

Advertisements

Please share with us what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Also, report scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.

If you want to quickly find answers to your questions, use our search engine.

Comments, Questions and Reviews ✍
(Total: 2)

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

↓ Show More of the 2 Comments ↓

Write Your Comment, Question or Review

Write your comment, question or review in the box below to share what you know or to get answers. Please revisit after an hour or more to view reponses or answers to you questions.

Your comment, question or review will be posted as an anonymous user because you are not signed in. Sign-in.


The comments or reviews below do not necessarily reflect the views of Online Threat Alerts.

  • Posted: 2014-01-08T17:11:59 by an anonymous user from or near: Apopka, Florida, United States

    Avast doesn't fix it. It would be great to have the name of some free virus removal software programs that will detect and delete the virus.

    delete