Travelling has become easier and easier to do. Simply choose your destination (hotel, car, airlines), and book it all online. You will then get an email(s) outlining your travel particulars.
However, it seems as though you don’t even have to be going anywhere in order to receive travel confirmation emails in your inbox. You guessed it. Email malware!
The latest attempt by malware peddlers is in the form of a KLM airline email ticket. It even goes as far as using a layout that is about 95% accurate to the original. However, there is critical information missing on the fake ticket that the malware developers have so thoughfully included in the email attachment. Yah, right! (KLM-e-Ticket.zip).
Antivirus developers had analyzed two binary files extracted from two different KLM attachments, and both of them grant remote shell access to the compromised machine via telnet to port 8000. It turns out that these binaries are not limited to the KLM email virus either, as they have also been used with spam campaigns impersonating Microsoft and Telstra as well.
“Although this scam does not specifically target KLM customers, those who have made recent ticket purchases as well as recipients who may fear that an unauthorized credit card purchase has been made could fall victim,” the researchers point out.
Take Away
Always keep an vigilant eye on your email, and exercise caution. If you are unsure as to whether a purchase was made online, contact your financial institution.