Hackers launch a deliberate Delta fake ticket receipt scam

Hackers have once again strike the users masquerading as Delta Airlines and sent phishing emails to users under the guise of surprise booking and re-accommodation stating the user’ s order have to be confirmed using their credit card details.

Heimdal Security researchers spotted the hackers sending phishing emails under the name of blank Delta Airlines ticket confirmation. The victims supposedly received an email stating the Delta user’ s ticket has been confirmed using their credit card. But it does not contain any information regarding the flight details. However it contained links to check the status of the flight.

When these links are being clicked, the users are being redirected to several compromised sites containing vicious and malicious word document infected with Hancitor malware that acts as bridge to download further malware.

Researchers informed that these phishing emails can be spotted by their illegitimate email address. The original one would end with @delta.com rather than @deltaa.com. Other thing to notice is the lack of the flight details itself, which airline companies usually include in their emails. Also the researchers warned the users to look out for the visual format of the email itself.

Tag : Phishing
FAQ
Q
What is Malware?
A
Malware (short for "malicious software") is any harmful program or file intended to secretly access a computer or steal confidential user data. The umbrella term 'Malware' covers computer viruses, worms, Trojan horses, spyware etc. Malware may be served as hidden codes within a website content, served content like banners, advertisements etc. and used as a vehicle for hacking and other cyber-crime.
Q
What should I do if I discover an infected site?
A
If you find a site with malicious content, please report your network administrator or your ISP along with the URL of the website. Also include the information that you discovered these threats by using Comodo Web Inspector scanning service, available in your report (Report as Malicious). This will enable the administrator or the ISP to rescan the reported website(s) and to take necessary actions based on the scan reports to safeguard the visitors of the website.
Q
How should I subscribe for daily malware scanning?
A
Select the plan that best suits you from the 'Plans & Pricing' page, fill in your details and you will be setup in no time!
Q
What is blacklist monitoring?
A
Web Inspector blacklist monitoring is an automated, daily check to make sure that your website is not blacklisted by any major search engine or anti-malware organization.
Approximately 6000 websites are added to Google's blacklist every day
It can take 7-10 days for remediation and recovery of a blacklisted site
During this time, your website will be blocked by all major Internet browsers
Your customers and partners will be effectively blocked and your reputation will suffer
Without an early warning system, you may be unaware until a customer complains
Q
Did your WordPress site get hacked?
A
Remember a few weeks ago there was all that noise about WordPress blogs getting hacked? Remember how everyone was urged to upgrade their blogs. You did upgrade didn’t you? No? It was inevitable that you’d be hacked. If you haven’t been hacked yet, it’s only a matter of time.