The United Airlines malware attack

Filed Under: Malware, Spam

Last week I told you how spammers were sending out emails posing as messages from Northwest Airlines. The attached file was not an electronic airline ticket of course, but a Trojan horse designed to infect your computer

As anticipated, the hackers have made a simple switch - changing the bait from a Northwest Airlines email to one claiming to come from United Airlines, and spoofing the email address tickets@united.com.

United Airlines email with attached Trojan horse

A typical email contains the following message, followed by some corporate blurb about United Airlines:

Thank you for using our new service "United Airlines ticket Online" on our website.
Your account has been created:

Your login: <email address>
Your password: pass8KU9

Your credit card has been charged for $956.27.
We would like to remind you that whenever you order tickets on our website you get a discount of 3%! Attached to this message is the purchase Invoice and the United Airlines ticket. To use your ticket, simply print it on a color printed, and you are set to take off for the journey!

Kind regards,
Jillian Biggs
United Airlines

As before, opening the ZIP file is a very bad idea. Although it's understandable that you might panic into thinking that your credit card has been debited without your permission, for a flight you don't want or need, you should be cynical enough to smell this for what it is - a dirty rotten scam designed to infect your personal computer.

,

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.