Airline E-ticket Email Attack

Home

US-CERT Computer Emergency Readiness Team

US-CERT is aware of public reports indicating that a new email attack is circulating. This attack uses email messages that appear to be from legitimate airlines and contain information about a bogus e-ticket. These email messages instruct the user to open the attachment to obtain the e-ticket. If a user opens this attachment, a file may be executed to infect the user's system with malicious code.

Reports, including a posting by Sophos Sophos , indicate that these messages have the following characteristics. Please note that these attributes may change at any time.

The subject line "E-Ticket#XXXXXXXXXX"
An attachment named "eTicket#XXXX.zip"

US-CERT encourages users and administrators to take the following preventative measures to help mitigate the security risks:

Install anti-virus software, and keep its virus signature file up to date.
Do not open attachments in unsolicited email messages.
Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

Read more: US-CERT Current Activity

Airline E-ticket Email Attack

Popular Words in Internet Security Alerts

Related Items