Criminals are spamming out a malware via email, posing as an e-ticket from British Airways.
If the email (shown below) looks like near-identical to a genuine email from the airline then that’s because it is. The malicious gang behind the attack appear to have taken a real email from British Airways and simply attached a ZIP file containing the supposed ticket (but really harbouring a Trojan horse).
Click on the image below for a larger screenshot of the emails, that are being sent to internet users across the planet.
The emails all have the same subject line and file attachment, although – of course – the criminals behind the scheme could choose to change the disguise at any time.
Subject: BA e-ticket receipt
Attached file: BritishAirways-eticket.zip
It should go without saying that the emails don’t really come from British Airways. Instead the criminals behind the campaign have forged the email headers to appear as though they originated at BA.firstname.lastname@example.org.
Even if you weren’t planning to fly with British Airways soon, you might still open the attachment and view its contents out of curiousity. And that’s precisely what the cybercriminals are relying upon to infect as many PCs as possible.
Sophos anti-virus products intercept the malware as Troj/Invo-Zip.
Make sure that your anti-virus software is up-to-date and that your wits are about you. Always be suspicious of unsolicited email – if in doubt, don’t click on the links or open attachments in emails you weren’t expecting.Follow @gcluley
British Airways plane image from Shutterstock.