Online order for airplane ticket – Virus

It’s back: the email confirmation (really a Trojan/virus) for the airline ticket you never purchased is again making the rounds.

The subject line is pretty straightforward:

Online order for airplane ticket N648365

The “order number” at the end, though, is randomized to try to evade some of the simpler spam filtering systems.

It will most commonly claim to be coming from your own email address or one within the same domain. While this is a pretty obvious tipoff that the email is bogus, the sender is hoping that this will also increase the odds of the email actually being delivered and that you’ll be focused on the subject line, not noticing the “From” address.

The body of the email itself says:

Good afternoon,

Thank you for using our new service “Buy airplane ticket Online” on our website.

Your account has been created:

Your login:  (youremailaddress)
Your password: G6vFjbdp

Your credit card has been charged for $998.63.
We would like to remind you that whenever you order tickets on our website you get a discount of 10%!

Attached to this message is the purchase Invoice and the airplane ticket.
To use your ticket, simply print it on a color printed, and you are set to take off for the journey!

Kind regards,
Delta Air Lines

The inclusion of the “username/password” is a nice touch to try and make this look like a legitimate email, especially since the email inserts your actual email address as the username. The offer of 10% off future orders is also a clever ploy.

Keep in mind, we’ve seen this email claim to come from any number of airlines, not just Delta.

Naturally, your “ticket” is attached, and in two different and convenient formats:

  • eTicket.zip
  • eTicket.exe

Both contain the malware, and opening either will infect the user’s computer (turning it into a spam sending zombie to further the spread of the botnet).
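The indicators described so far (the subject with its randomized order number, a “From” address matching the recipient or the recipient's domain, and the two attachment names) can be checked together. The following is an added example, not code from OnlyMyEmail or its filter; the `N` plus digits pattern is assumed from the single subject shown, and the addresses and placeholder attachment bytes are constructed.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Subject from the post; "N" followed by digits is assumed from the one sample shown.
SUBJECT_RE = re.compile(r"^Online order for airplane ticket N\d+$", re.IGNORECASE)
# Attachment names from the post, compared case-insensitively.
ATTACHMENT_NAMES = {"eticket.zip", "eticket.exe"}

def address(header_value):
    """Bare lower-cased address from a From/To style header value."""
    return parseaddr(str(header_value or ""))[1].lower()

def indicators(raw_message, recipient):
    """Return which of the post's indicators a raw RFC 5322 message matches."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    if SUBJECT_RE.match(str(msg["Subject"] or "").strip()):
        hits.append("subject")
    sender, rcpt = address(msg["From"]), address(recipient)
    if sender and sender == rcpt:
        hits.append("from-self")
    elif sender and sender.rpartition("@")[2] == rcpt.rpartition("@")[2]:
        hits.append("from-own-domain")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name in ATTACHMENT_NAMES:
            hits.append("attachment:" + name)
    return hits

def sample_message(sender, subject, attachments=()):
    """Constructed test message; attachment bodies are inert placeholder bytes."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = sender, "user@example.com", subject
    m.set_content("Attached to this message is the purchase Invoice.")
    for name in attachments:
        m.add_attachment(b"placeholder", maintype="application",
                         subtype="octet-stream", filename=name)
    return m.as_bytes()

if __name__ == "__main__":
    lure = sample_message("user@example.com",
                          "Online order for airplane ticket N648365",
                          ("eTicket.zip", "eTicket.exe"))
    print(indicators(lure, "user@example.com"))
```

A same-domain sender is normal for internal mail, so that indicator only means something in combination with the subject or attachment matches.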

Presumably, this campaign is based on the recipient supposedly believing either that:

  1. This is actually a legitimate email that has been misdirected to your email account. If you believe this, then you may just be curious enough to click on one of the attachments.
  2. Someone has fraudulently purchased an airline ticket using your credentials. You might then feel compelled to find out more about the transaction so that you can dispute the charges, cancel the order or take some other corrective action.

In either case, the social engineering is relatively sound and it can be expected that a fair number of users will indeed execute one of the attachments, thereby infecting their systems.

- -

OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.

Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."

OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.
