Issue 158 - July, 2013 (2nd Edition) - Page 13
Expedia Travel Itinerary Malware Email
Email purporting to be a trip itinerary from travel booking service Expedia.com.au provides details for a recently booked trip and claims that recipients can view trip details in an attached file.
© Depositphotos.com/ La Fabrika Pixel s.l.
The email is not from Expedia. The attachment is a .zip file that hides a .exe file disguised as a PDF. Opening the .exe file can install malware on the user's computer. If you receive one of these emails, do not open any attachments or click any links that it contains.
Subject: Your Trip Details Lancaster Gate Hotel, London - 29/08/2013
Thanks for booking with Expedia! Below is a summary of the trip you recently booked.
To help ensure everything runs as smoothly as possible, keep this email handy so you can refer to it when you check in as it contains all the essential information you'll need.
If you're travelling internationally, don't forget to check the visa requirements for your end destination and any countries you're travelling through during your trip.
Expedia Itinerary Number(s)
See trip details below or Attached
An email currently being distributed masquerades as a trip itinerary and booking advice from travel booking service Expedia.com.au. The email informs recipients of a recent travel booking they have made and suggests that they can view details of the supposed trip by opening an attached file. The message comes complete with the Expedia logo and colour scheme.
However, the email is not from Expedia.com.au and the attachment does not contain trip details as claimed. In fact, the message is sent by online criminals intent on tricking recipients into installing malware on their computers.
The criminals bank on the fact that at least some recipients, panicked by the thought that their credit card has been used to book an expensive trip in their name, will open the attachment and corresponding .exe file without due care. People who have recently booked a trip with the company may also be more likely to fall for the ruse and open the attached file.
Those who do open the attachment will see what at first glance might seem to be an innocent PDF. If the message were genuine, a .pdf would probably be the expected file format. However, the malicious file actually has a double extension (.pdf.exe) and opening this .exe file will install the malware. Typically, such malware can steal sensitive information from the compromised computer and send it to remote servers. It can also download even more malware and allow criminals to control the computer from afar.
During the last several years, similar "Itinerary" malware emails have claimed to be from various other travel related entities including Jetstar
, Delta Airlines
and American Airlines
. If your receive any unsolicited and unexpected email claiming to contain travel booking information, do not open any attachments or click on any links that it contains.
Last updated: July 9, 2013
First published: July 9, 2013
By Brett M. Christensen
Pages in this issue:
- Capri Sun Mold Warning
- False Child Abduction Alert - 'Lilly Snatched From Surrey'
- Gas Saving Tips - Are They Really Saving You Anything?
- China Food Imports - Is It Really That Simple?
- Jury Duty Phone Scam Warning
- Myth - Ice Water Can Cause Dangerous Bloating in DogsD
- Amazon 'Important Message From Security Center' Phishing Scam
- Hoax: Facebook to Start Charging This Summer
- Kmart Australia Giveaway Like-Farming Scam
- Do Water Filled Zip-Lock Bags with Added Pennies Keep Flies Away?
- Photos of Old Car Collection Found in Portugal Barn
- Faux Image - Mounted Police Officer Riding Giant Dog
- Expedia Travel Itinerary Malware Email
- 'Google Account Hacked' Text Message Scam
- Completely Pointless and Misleading 'Facebook Privacy Notice'
- Hoax - Pope Benedict XVI Resigned Papacy to Convert to Islam
- Wonga.com 'Account Error' Phishing Scam
- Hoax Warning Claims Deadly Swine Flu Epidemic in South Africa
- Australian Government Withdrawing Funds From Inactive Accounts Warning
- 'Facebook Has Sent You a Message' Pharmacy Spam
- Pepsi Cola Bottling Company 'Grant Compensation' Advance Fee Scam
- Does a Viral Image Depict a Monkey Saving a Puppy From An Explosion?
- Advance Fee Scammers Using Cloned FB Accounts To Gain Victims
- South African 'Mighty Men' Conferences Racial Integration Hoax
- Did Samsung Pay a $1 Billion Fine to Apple in 5 Cent Coins?
- Browser and Operating System Survey Scam
- Circulating Message Falsely Accuses Pictured Man of Being a Human Trafficker