Sunday, October 19, 2008

Another scam/spam

My wife received an email last week that purported to be from United Airlines. Even though we run Linux she didn't want to open it up until I had a chance to check it out.

The subject line was [Your Online Flight Ticket N 24097] and the contents of the message was as follows:
Good day,
Thank you for using our new service "Buy airplane ticket Online" on our website.
Your account has been created:

Your login: **Removed**
Your password: **removed**

Your credit card has been charged for $947.90.
We would like to remind you that whenever you order tickets on our website you get a discount of 10%!
Attached to this message is the purchase Invoice and the airplane ticket.
To use your ticket, simply print it on a color printed, and you are set to take off for the journey!

Kind regards,
United Airlines
The first thing I did was to check our credit card to make sure that we were not the victims of identity theft, fortunately we are not. I then checked the file attachment and it showed 'E-ticket.zip.exe'. I checked out via Google about this and found out that there is a scam for the last year with variants on the subject for other airlines. Fortunately we don't use windows so we are fairly safe from the payload. I forwared a note to United Airlines and to quote their reply:
Mr. Traynor, please know that the e-mail you have received is not legitimate as it is not sent by United Airlines.  I would request you to not to open any attachment and provide any personal information.  Rest assured that I have forwarded your concern to our Fraud Investigation Department for their review and investigation.

We truly value your business and always look forward to serving you again
Just a heads up for everyone when you receive something like this not to open the attached file if you are not sure that you are the correct recipient. I would assume that the people behind this are hoping that people are curious enough to open the package and then take over their machines. I also like the fact that United Airlines replied so quickly that the email was not legit and forwarded a copy to their fraud department.



Update - 2008/12/15

CERT has a security notice about this, you can learn more about this scam by clicking on airline ticket email scam.

No comments: