Delta Air Lines Passenger Itinerary Receipt Malware Emails
Summary: Email purporting to be from Delta Air Lines provides details of a supposed ticket purchase and instructs recipients to open an attached file to view a passenger itinerary receipt (Full commentary below).
Status: Attachment caries malware
Example:(Submitted, March 2009)
Subject: Confirmation of airline ticket purchase at www.delta.com
Thanks for the purchase!
Booking number: 4JR89HG9E
You will find attached to this letter PASSENGER ITINERARY RECEIPT of your electronic ticket.
It verifies that you paid the ticket in full and confirms your right for air travel and luggage transportation by the indicated flight Delta Air Lines.
On board you will be offered:
- beverages;
- food;
- daily press.
You are guaranteed top-quality services and attention on the part of our benevolent personnel.
We recommend you to print PASSENGER ITINERARY RECEIPT and take it alone to the airport. It will help you to pass control and registration procedures faster.
See you on board!
Best regards,
Delta Air Lines
Commentary:
This email purports to be from US based air carrier Delta Air Lines and claims to contain information about a recent online ticket purchase. It instructs recipients to open an attached file, ostensibly to print out a "passenger itinerary receipt".
However, the email is not from Delta and opening the attached file can install malware that may allow hackers to control the infected computer and steal personal and financial information. Delta Air Lines has published the following advisory on its website warning Internet users about the threat:
Advisory: Fraudulent emails, purporting to be from Delta, have apparently been sent to consumers in the last 24 hours. These emails claim that the recipient has purchased a Delta ticket, that a credit card has been charged, and that an invoice or receipt is attached to the email. If you have received one of these emails, do not open the attachment as it may contain potentially dangerous viruses or other malware that may harm your computer. Be assured that Delta did not send these emails, and our customers’ credit cards have not been charged as a result of the emails. These emails did not originate with Delta, nor do we believe that any personal information that our customers provided to us was used to generate these emails. We will continue to post updates on this page as additional information becomes available.
Internet criminals regularly send malware emails that use cover stories such as this one that are designed to trick recipients into opening an attachment or clicking a link without due care and attention. During 2008 several air lines were targeted in similar malware emails that claimed that the recipient's credit card had been charged for flight tickets. As in this case, an attachment carried malware that could steal information.
