Beware! Flight Information Phishing Emails
This is the time of year when many people travel. We have received a lot of questions recently about the latest email security threat: a new wave of "phishing" emails that are based on flight information notifications.
The emails vary, but as an example, one of the emails we looked at had a subject of "Your Flight Order" and some official looking numbers, with the content of the email containing the flight number, date and time of departure, airport name, price, and then a link to print the ticket. This link looks innocuous, but it actually goes to a foreign web site set up to steal information from you, or infect your system with malware.
What a lot of people may not know is that a link in an email can say anything, and be coded to go to an entirely different location. The "bad guys" are basically trying to get you to click on the link. You may have travel plans and quickly click on the link because you think it's your real ticket, or you may be curious because you think your credit card may have been breached ("who bought this ticket and why am I getting the notification?"). With "social engineering" the emails look familiar, so people unknowingly click on the links. Other recent phishing scams involved package shipment notifications and ACH bank transfer notifications. Because the actual text of the email is innocuous, these scams will often get through spam filters when the new wave first appears, until the spam filter definitions catch up.
Delta airlines has a link on their web site alerting folks about the phishing email alert if you want to read more. The US Computer Emergency Readiness Team (CERT) has a posting on their website of a number of holiday phishing and malware threats. The Federal Trade Commission's Phishing Scam Page also has a lot of excellent information about how to protect yourself form on-line threats.
ALWAYS be aware when reading your mail. Don't click on any links in emails that are questionable.