Australians are being targeted in a phishing scam that uses a realistic Energy Australia bill to launch a Cryptolocker virus, which encrypts files and holds them to ransom.
Missing Link security manager, Aaron Bailey, said the virus had been detected as early as 8am on Friday, May 30.
"There seems to be a new variant of the Cryptolocker virus in the wild that came out on Friday, pretending to be a bill statement from Energy Australia," he said.
"It’s very likely this has targeted many senior executives within a wide number of Australian businesses.
"The virus seems to deploy Cryptolocker which encrypts files and holds them to ransom, although the delivery vector/mechanism has been customised for Australian targets by posing as an Energy Australia bill."
Bailey said anybody receiving emails with attachments or links needed to always be extremely careful to ensure they knew the sender and were expecting the email to be sent to them.
"If an email is deemed suspicious it should be forwarded to the IT or Security department for analysis," he said.
"This particular phishing attack does look quite realistic although on close inspection there are some clues to it being fake."
He said local malware detection, protection and remediation measures on each client and server should be implemented.
"Critical data should always be backed up with restores periodically tested to ensure data integrity and availability," he said.
"Advanced malware detection and analysis technologies should be considered for the best proactive defence under these circumstances.
"We provide consulting, solutions and managed services that can assist with these scenarios and can provide incident response if required."