Read us | Listen to us | Watch us | Join Live Events | Turn Off Ads | Live |

Click on your language to translate this article:

Afrikaans Afrikaans Albanian Albanian Amharic Amharic Arabic Arabic Armenian Armenian Azerbaijani Azerbaijani Basque Basque Belarusian Belarusian Bengali Bengali Bosnian Bosnian Bulgarian Bulgarian Catalan Catalan Cebuano Cebuano Chichewa Chichewa Chinese (Simplified) Chinese (Simplified) Chinese (Traditional) Chinese (Traditional) Corsican Corsican Croatian Croatian Czech Czech Danish Danish Dutch Dutch English English Esperanto Esperanto Estonian Estonian Filipino Filipino Finnish Finnish French French Frisian Frisian Galician Galician Georgian Georgian German German Greek Greek Gujarati Gujarati Haitian Creole Haitian Creole Hausa Hausa Hawaiian Hawaiian Hebrew Hebrew Hindi Hindi Hmong Hmong Hungarian Hungarian Icelandic Icelandic Igbo Igbo Indonesian Indonesian Irish Irish Italian Italian Japanese Japanese Javanese Javanese Kannada Kannada Kazakh Kazakh Khmer Khmer Korean Korean Kurdish (Kurmanji) Kurdish (Kurmanji) Kyrgyz Kyrgyz Lao Lao Latin Latin Latvian Latvian Lithuanian Lithuanian Luxembourgish Luxembourgish Macedonian Macedonian Malagasy Malagasy Malay Malay Malayalam Malayalam Maltese Maltese Maori Maori Marathi Marathi Mongolian Mongolian Myanmar (Burmese) Myanmar (Burmese) Nepali Nepali Norwegian Norwegian Pashto Pashto Persian Persian Polish Polish Portuguese Portuguese Punjabi Punjabi Romanian Romanian Russian Russian Samoan Samoan Scottish Gaelic Scottish Gaelic Serbian Serbian Sesotho Sesotho Shona Shona Sindhi Sindhi Sinhala Sinhala Slovak Slovak Slovenian Slovenian Somali Somali Spanish Spanish Sudanese Sudanese Swahili Swahili Swedish Swedish Tajik Tajik Tamil Tamil Telugu Telugu Thai Thai Turkish Turkish Ukrainian Ukrainian Urdu Urdu Uzbek Uzbek Vietnamese Vietnamese Welsh Welsh Xhosa Xhosa Yiddish Yiddish Yoruba Yoruba Zulu Zulu

Hackers renew airline-ticket scam spam

17
17
Written by editor

In a reprise of a summer tactic, hackers are trying to trick people into infecting their PCs with malware by sending them e-mail that poses as bogus airline-ticket invoices and boarding passes, a secu

In a reprise of a summer tactic, hackers are trying to trick people into infecting their PCs with malware by sending them e-mail that poses as bogus airline-ticket invoices and boarding passes, a security company said today.

The spam, which claims to be from Continental Airlines Inc., thanks the recipient for using a new “Buy flight ticket Online” service. It also provides a log-in username and password and says the recipient’s credit card has been charged more than $900, according to Trend Micro Inc.’s research.

The message says the attached .zip file includes an invoice and “flight ticket.” In fact, noted Trend Micro, the archive file contains an executable file “e-ticket.doc.exe,” which is actually a Windows worm that downloads and installs other attack code to the PC.

“It’s the old double-extension trick to hopefully fool the user to double-click the attachment,” said Joey Costoya, a Trend Micro researcher, in an entry to the company’s security blog. “The phrase ‘Your credit card has been charged …’ will just add more worry for the user, convincing him more to examine [and] double-click the ‘flight details,” Costoya added.

An almost-identical attack hit consumers last July when hackers sent spam that masqueraded as mail from Delta Air Lines Inc. and Northwest Airlines Corp. Among the few differences: The current campaign has dramatically bumped up the amount supposedly charged to recipients’ credit cards. In July, the figures were often in the $400 range.

Airline ticket prices jumped this summer as fuel costs climbed, a fact Continental recognized when it posted its third-quarter earnings last Friday. The airline, which reported a net loss of $236 million for the quarter, blamed both high fuel prices and Hurricane Ike for its poor performance.

According to Continental, its jet fuel averaged $3.49 per gallon during the quarter, up from $2.16, a 62% increase. Fuel prices peaked at $4.21 per gallon during the period, Continental said.

The malware used in July also differed from the attack code spotted by Trend Micro. Three months ago, hackers tried to plant an identity-stealing Trojan horse on users’ Windows PCs. The Trojan horse had made a name for itself in 2007 as the malware used to rip off more than 1.6 million customer records from Monster Worldwide Inc., the company that runs the popular Monster.com job site.