Last week I told you how spammers were sending out emails posing as messages from Northwest Airlines. The attached file was not an electronic airline ticket of course, but a Trojan horse designed to infect your computer
As anticipated, the hackers have made a simple switch - changing the bait from a Northwest Airlines email to one claiming to come from United Airlines, and spoofing the email address email@example.com.
A typical email contains the following message, followed by some corporate blurb about United Airlines:
Thank you for using our new service "United Airlines ticket Online" on our website.
Your account has been created:
Your login: <email address>
Your password: pass8KU9
Your credit card has been charged for $956.27.
We would like to remind you that whenever you order tickets on our website you get a discount of 3%! Attached to this message is the purchase Invoice and the United Airlines ticket. To use your ticket, simply print it on a color printed, and you are set to take off for the journey!
As before, opening the ZIP file is a very bad idea. Although it's understandable that you might panic into thinking that your credit card has been debited without your permission, for a flight you don't want or need, you should be cynical enough to smell this for what it is - a dirty rotten scam designed to infect your personal computer.