Online Threat Alerts (OTA)
An anti-cybercrime community alerting the public.

Malicious Email - British Airways E-ticket receipts

  • 0
  • 4,593
  • Mar. 12, 2014
  • Apr. 4, 2013

The fake British Airways e-ticket receipt e-mail message below is being sent to thousands of persons, in an attempt to trick them into opening a malicious attached file. The attachment is a HTML file that will redirect you to a malicious website that is setup to infect your computer with multiple malwares by taking advantage of the JAVA Zero-day exploit.

Advertisements

Here is a copy of the malicious British Airways E-ticket receipt email message:

e-ticket receipt

Booking reference: 9ML6966269

Dear,

Thank you for booking with British Airways.

Ticket Type: e-ticket

This is your e-ticket receipt. Your ticket is held in our systems, you will not receive a paper ticket for your booking.

Your itinerary is attached (Internet Exlplorer/Mozilla Firefox file)

Yours sincerely,

British Airways Customer Services

British Airways may monitor email traffic data and also the content of emails, where permitted by law, for the purposes of security and staff training and in order to prevent or detect unauthorised use of the British Airways email system.

British Airways Plc is a public limited company registered in England and Wales. Registered number: 55603199. Registered office: Waterside, PO Box 365, Harmondsworth, West Drayton, Middlesex, England, UB7 0GB.

How to contact us

Although we are unable to respond to individual replies to this email we have a comprehensive section that may help you if you have a question about your booking or travelling with British Airways.

If you require further assistance you may contact us

If you have received this email in error

This is a confidential email intended only for the British Airways Customer appearing as the addressee. If you are not the intended recipient please delete this email and inform the snder as soon as possible. Please note that any copying, distribution or other action taken or omitted to be taken in reliance upon it is prohibited and may be unlawful.

The name of the attachment is E-Receipt.htm (this name may change). If this file is open, it will redirect the victim's web browser to the malicious website address igionkialo.ru:8080/forum/links/column.php.

This website address contains the malicious BlackHole kit that will infect the victim's computer with malwares, if it is able to detect any forms of vulnerabilities on it.

If you receive this email, please delete it and ensure that you have the recommended version of JAVA installed on your computer. Click here to find out if the recommended version of JAVA is installed on your computer.

Check the comment section for additional information, or share what you know or ask a question about this article, by clicking the 'View or Write Comment' button below.

Note: Some of the information in samples on this website may have been impersonated or spoofed.

Share this article with others.
Advertisements
Write / View Comments (0)
View on Online Threat Alerts (OTA)
Help Maintain Online Threat Alerts (OTA)
Copyright © 2012 - 2024 - Online Threat Alerts (OTA).