Sydney Airport Hotel Reservation Malware Email
This email, which purports to be from the Reservations Department at Rydges Sydney Airport Hotel, claims that you have three rooms booked for tomorrow night.
The message urges you to open the attached .zip file to confirm your booking so that the rooms can be allocated.
However, the email is not from Rydges Sydney Airport or any other hotel. Opening the attached file can install a trojan on your computer. Once installed, the trojan may download further malware, and allow criminals to access and use the infected computer.
The scammers are using simple social engineering to trick recipients into opening the attachment and infecting their computers. The scammers hope that at least a few who receive the email will be panicked into opening the attachment in the mistaken belief that hotel rooms have been booked and payed for in their names.
Note that the names and locations of hotels mentioned in these emails may vary in different versions. If you receive one of these malware messages, do not open any attachments or follow any links that it contains.
Identity theft is one of the fastest growing crimes in the world. Learn how to stay safe online with Hoax-Slayer's comprehensive eBook:
From: Reservations Sydney Airport
I hope this email finds you well. I am contacting you in relation to your bookings for tomorrow night with us here at Rydges Sydney Airport. We currently have THREE bookings in place for you. To ensure that this is indeed correct and not a duplicate booking due to a technical glitch would you be able to kindly confirm that you will be requiring the three rooms booked?
Once you have confirmed this, I’ll notate to similarly allocate the rooms adjacent to each for convenience on arrival.
We look forward to receiving your confirmation (and welcoming you to our Hotel tomorrow!)
Attachment name: booking_hotel_confirmation.zip
Last updated: April 24, 2015
First published: April 24, 2015
By Brett M. Christensen
Sophos - Mal/DrodZp-A
Malware Threat Articles