As with the recent spate of UPS themed spammed out malware, comes the E-Ticket one.
The idea is the same – “Thanks for using our service blah blah blah ….. here is the attached receipt/invoice”
The messages so far have a subject of “E-Ticket #XXXXXXXXXX” and have the following outline
Thank you for using our new service “Buy flight ticket Online” on our website.
Your account has been created:
Your login: firstname.lastname@example.org
Your password: somepassword
Your credit card has been charged for $474.46.
We would like to remind you that whenever you order tickets on our website you get a discount of 10%!
Attached to this message is the purchase Invoice and the flight ticket.
To use your ticket, simply print it on a color printed, and you are set to take off for the journey!
Some Prominent Airline Company
The attachment is unsurprisingly called eTicket#XXXX.zip, which contains the malware, detected as Troj/Zbot-AE.
If you happen to launch this binary you’ll turn your computer into a willing bot sending your internet bill skywards…
Seems like this flight is grounded.