Malware-Laced Scam Email Imitating American Airlines Circulating
Myonlinesecurity.co.uk published news during first week of September, 2015 quoting a warning by security experts as that an email entitled your ticket order #00000239643 approved (random numbered)' pretending to be coming from the renowned American Airlines with a ZIP attachment is another one from the present bot runs that try to download different Trojans and password stealers especially stealers of banking credential which may include Dridex, Cridex, Dyreza and different CryptoLocker, Zbots, ransomware and heaps of other malicious doftware on your computer.
They employ email addresses and subject lines which will tempt an Internaut to read the email and open the attached ZIP file. A huge section is being targeted at medium and small size businesses expecting to get a better response than they expect from consumers.
These malicious attachments generally have a component which can steal password aiming to steal your bank, PayPal or other financial information along with your email or FTP (web space) log in details. Many of them are also drafted to particularly steal your log in details of Facebook and other social network.
The security experts highlight that all the times, dates, flight numbers, prices, airports etc. are arbitrary and change very often.
American Airlines confirmed the attack posting an alert on its official website and warning consumers about messages from "firstname.lastname@example.org."
The airline said: "We are aware of a new email phishing attack in circulation which contains fake itineraries and ticket numbers. However, if you receive such email, then please do not click on any links with the message and delete it immediately."
Unfortunately, this scam can be believed for two reasons: First, airlines and other travel sites send these types of confirmation emails frequently. Secondly, consumers who are scared that they have already been scammed might be persuaded to click and dispute the charge.
One of the clients of the airlines received a fake e-ticket for a 30th September flight to Oklahoma city priced at $45.
One of the airlines clients received a fake e-ticket for a flight to Oklahoma City for 30th September which was priced at $450.
The e-ticket was addressed as "Dear customer" but a genuine airline will always address the person by name. The ticket number had less than standard 13 digits and did not have American's "001" prefix. The confirmation number also varied from the traditional six letters without numbers.