DarkFiber Consulting – IT Managed Services

Airline E-ticket Email Attack

July 31st, 2008 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports indicating that a new email attack is circulating. This attack uses email messages that appear to be from legitimate airlines and contain information about a bogus e-ticket. These email messages instruct the user to open the attachment to obtain the e-ticket. If a user opens this attachment, a file may be executed to infect the user’s system with malicious code.

Reports, including a posting by Sophos, indicate that these messages have the following characteristics. Please note that these attributes may change at any time.

  • The subject line “E-Ticket#XXXXXXXXXX”
  • An attachment named “eTicket#XXXX.zip”

DarkFiber Consulting encourages users and administrators to take the following preventative measures to help mitigate the security risks: