Airlines in the US at the receiving end of a phishing scam
Photo by: Jonfeinstein
There seems to be a concerted phishing attack targeting US airlines presently. NorthWest Airlines, Delta Airlines, MidWest Air Group, and Sun Country Airlines all have become facades for fraudsters to carry out phishing scams across the country. Complaints from all over US cite receiving email messages in the name of the above airlines urging recipients to confirm a ticket purchase they never ordered.
The email forces an entry by thanking recipients for buying the tickets using the “Buy flight ticket online” service offered by the airline. Giving details of the purchased ticket, it asks them to confirm the purchase by printing out the invoice and the ticket after clicking on an attachment in the mail.
Unsuspecting users who click on the attachment set off a bomb as it is just a ruse for the fraudsters to download a malicious program onto their computers. The malware goes by the name “Trojan.Zbot-1715” and those who profess familiarity with it, say it spells trouble.
This malware enables the fraudsters to scan and glean confidential information like credit card access codes, social security numbers and net banking passwords of their victims by allowing them remote access to their machines.
Realizing the threat, airlines say there are a couple of things inside the mail which should warn people of the scam. The emails are written in bad English; smelling mistakes and mistakes in grammar stick out like sore thumbs. Secondly, the airlines say regular users will be warned by the strange format in which the itineraries are presented.
Northwest Airline’s Vice President for e-commerce, Al Lenza, reaffirms:
Customers should be aware that these e-mails are not coming from the airline. NWA itineraries are specific and contain information that customer will recognize. If the format does not look familiar to you, and you have not recently purchased a ticket, do not open the attachment. Delete the e-mail right away.
Those who receive the emails should delete it without tinkering with the attachment inside. They should also look into their card statements to make certain no unfamiliar payments were made from it.
Sources: WSJ Online & StarTribune.com
Related posts:
- Fake Airlines email scam homes in on Finland
- Watch Out For Latest Delta Airlines Email Scam in Your Inbox
- Tickets2cheap.com a scam, warns Queensland Police
- Massive airline ticket scam : Two women with 38 indicted in federal court
- Email Scam cons with claims of airline ticket purchase online
November 13th, 2008 at 10:03 am
I got the above described E-mail from Sun Country Airlines. I use Mailwasher to monitor all my E-mail, which lets me see the messages on the server without downloading them. I sent a copy to my credit card company, checked my account (didn’t find the charge) and Googled this site.
With Mailwasher I am able to delete and bounce back suspected E-mails (as if I don’t exist), which I did in this case. I would recommend this FREE software to all for protection. I never download any suspected E-mail.
Go here for a free download: ‘http://www.mailwasher.net/’
Jim of Winchester
January 12th, 2009 at 7:37 pm
T-Mobile Compainion Ticket for airlines is a complete scam.
I received my mailer from T-Mobile, wasted time going through the regristration.
After checking the false advertisement of no black out dates and “free companion ticket” it is very evident that the exact same airline ticket for the exact same date will cost you about $65 more for two persons.
Even worse T-Mobile limits you to a Saturday stay over
You can easily find cheaper flights without any of the T-Mobile restrictions
Also,
I found plenty of black out dates. It is not hard…
T-Mobile cell phone scam
T-Mobile cell phone advertisement
T-Mobile customer reward
March 2nd, 2009 at 10:24 am
Just wanted to note somewhere that the airline scam as described above is still operating as of March 1, 2009. Received an e-mail from delta.com indicating that had purchased a Delta airline e-ticket, had a confirmation number (all uppercase letters) and that could read the details of the iterinary in the enclosed zip file, which was attached to the e-mail. My inbox had marked it as junk e-mail and I deleted it because knew better than to download a zip file for something hadn’t initiated, but did give me pause. The only other info to note is that was sent to my e-address using a pop extension rather com
March 6th, 2009 at 2:07 pm
“smelling mistakes” LOL