Scam of the Week: Airline Phishing Attack

Artboard 1

There is a new highly effective phishing attack running through inboxes that tricks a whopping 90% of victims. All of the best criminal practices are combined to steal credentials and send malware into your network.

This attack targets companies that deal with frequent shipping of goods or high-volume of employee travel. The phishing attack targets these employees, and the messages are constructed with subjects lines and bodies that include destinations, airlines, and other details specific to each victim.

In a post explaining the attacks, the Vice President of Content Security Services at Barracuda said “After getting the employee to open the email, the second tool employed by the attacker is an advanced persistent threat embedded in an email attachment. The attachment, usually a flight confirmation or receipt, is typically formatted as a PDF or DOCX document. In this attack, the malware will be executed upon the opening of the document.”

The bad guys are doing research on you personally using social media to find out where and when you (might) be traveling. They are crafting emails especially for you with airline information that looks just like the real thing. Sometimes they even have links in the email that go to a website that looks identical to the real airline, but is a fake website. They are trying to 1) steal your company username and password and 2) trick you into opening the attachment which will infect your computer with malware.

Remember, if you want to check any airline reservations or flight status, open your browser and type the website name in the address bar. Do not click on links in emails to go to websites. ALWAYS think before you click!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s