Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Bogus E-mails Purporting to be American Airlines Confirm Ticket Purchase

MX Lab the security company reports that a few samples of bogus e-mails confirming orders, while posing as being sent from American Airlines are circulating online.

According to the company's researchers, the e-mail that tells the recipient about an airlines ticket bought via his credit card contains one solitary image that's representative of the e-mail's main message portion.

Clicking this image, however, lands users on a hijacked online site which's designed for harboring one sinister HTML file. Inside this sinister document, there's one JavaScript that starts off extracting a condensed archive wherein the payload hides.

Called as AA_Electronic_Ticket.zip, the condensed archive carries the huge executable file named AA_Electronic_Ticket.exe sized 60 KB.

The included malware is dubbed Win32/TrojanDownloader.Zortob.B, Spyware/Win32.Zbot, W32/Kryptik.BWW, or Trojan.Generic.KDV.783582, the researchers outline.

Presently, merely 13 AV solutions on VirusTotal have detected the file to be dubious else malevolent, they add.

American Airlines, even as it denied any connection with the presently going electronic mail scam posted online that everything about the subject line, flight information as well as order number depicted within the malware-laced e-mails are likely to be different. It further posted that all of the different e-mails mayn't even function identically.

A few e-mails are likely to have the malicious software within an attachment, while the rest could take victims onto one website laden with the malware.

American Airlines also posted cautioning customers against following any web-link, viewing one or more given attachments, trying any given telephone number alternatively doing as per the instructions mentioned within the fake e-mails. Rather they should erase all the said kind of e-mails. For, AA would neither ever dispatch .exe documents in attachments nor request any private data from its customers through e-mail, AA added. Consumeraffairs.com published this dated November 8, 2012.

Meanwhile, it isn't just American Airlines which has been hit with such an e-mail scam recently, Some Internauts have even got the fake 'airlines confirmation' e-mails but supposedly from Delta Airlines. Earlier during 2008 also many airlines were attacked similarly with e-mails, which asserted about charges being made on the payment cards of the recipients owing to tickets purchased.

Related article: Bogus News Site Spreads Trojan

ยป SPAMfighter News - 11/17/2012

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page