US Airways Flight 1549 pilot Capt. Chesley (Sully) Sullenberger may still be basking in the praise for his astounding Hudson River splash landing last week, but the airline industry is once again seeing its good reputation being abused by malware scammers seeking to lure in would-be targets.
In September, security researchers began tracking a run of cleverly-disguised attacks that landed in users’ in-boxes purporting to be offers for discount airfares. Rather than offering real discounts, however, the messages instead merely delivered Trojan malware threats upon recipients.
Now, experts are seeing another set of airline-related malware distribution campaigns touch-down all over the globe.
According to researchers at Symantec, the latest collection of attacks advertise themselves as e-mail receipts for e-tickets purchased via credit card that users, of course, have not really ordered. The idea is to trick people into clicking on the onboard attachment to see if their real credit card data has been misused, and then attacking their machines with malware, the company said.
The e-ticket “invoice and the airplane ticket” e-mails even to go to the trouble of providing a log-in and password credentials combo for affected parties to use when verifying their information on the advertised airlines’ Web sites.
The specific airlines having their good names tarnished in the attacks include United, Northwest, JetBlue, Midwest, and Sun Country.
So, even if you’re a frequent flier, don’t get sucked into this type of scam like so many Canadian geese drawn into flying jet engines.
Because that would really suck, right?
Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.