Our researchers in the AV Labs found the following malicious spam campaigns related to airline flights that we’re highlighting this week:
- ‘Preferred Seat Order’ leads to malware infection. Patrons of American Airlines (AA) were targetted by online criminals via a surge of spam claiming to be “preferred seat order” email notifications. Image and text links on the message body, once clicked, led users to Blackhole–Zbot system infections.
This isn’t the first time spammers banked on AA to get clicks to infection sites. Unfortunately, we don’t expect this to be the last.
- US Airways online reservation spam makes a comeback. Similar to the AA campaign above, this spam also disguised itself as a notification email. At the time of discovery and writing, we found that users who click links on its message body were directed to pages where a Blackhole exploit code is housed.
Last known variant of this spam was spotted and documented two months ago.
The GFI Labs Team
Leave a reply