The bad guys are up to their old tricks again, spamming out malicious attachments posing as airline tickets.
The latest attack, which we’re seeing in many of our spamtraps around the world, poses as an email from Delta Air Lines.
Here’s a typical message:
Subject: Online order for airplane ticket N648365
Thank you for using our new service "Buy airplane ticket Online" on our website.
Your account has been created:
Your login: [removed]
Your password: G6vFjbdp
Your credit card has been charged for $998.63.
We would like to remind you that whenever you order tickets on our website you get a discount of 10%! Attached to this message is the purchase Invoice and the airplane ticket.
To use your ticket, simply print it on a color printed, and you are set to take off for the journey!
Delta Air Lines
Attached file: eTicket.zip
Of course, even if you haven’t booked an airline ticket you may still very well open the attachment – especially if you believe your credit card may have been charged for such a large amount of money!
Sophos detects the malicious file attached to the emails as Mal/BredoZp-B and Mal/EncPk-MP. Users of other anti-virus products are advised to ensure that they are up-to-date and capable of detecting this email-borne threat.