Going somewhere? Please confirm your online check-in. Oops. Not so fast. New U.S. Air scam has hit your Inbox

By | April 09, 2012

Posted in: Network Security Trends

I was bombarded with a series of sneaky phishing messages appearing to come from U.S. Airways over the last few days. What made these messages all the more dangerous was I was actually traveling on the days the messages referenced. Fortunately, I wasn’t traveling on U.S. Air, so I wasn’t overly tempted to bite on any nasty links. If I had been — my phishing radar notwithstanding — I might well have clicked without the requisite thought in violation of all my self-imposed rules. I like to think not, but….

This phishing scam has surfaced in the last week or so, and it’s fairly slick, although it doesn’t have a salutation including the recipient by name (if an email doesn’t address you personally, just as “Valued Customer” or some such, or in this case, no salutation at all, stay clear). It carries a U.S. Air logo, a phony confirmation code, flight number, time and date, destination and even an ad for a U.S. Air credit card with a handsome photo of the card. The bottom info includes a purported link to the U.S. Air privacy policy, etc. (see the image).

US Airways Credit Scam

The subject line will say “US Airways Online Confirmation,” US Airways Online Check-In,” “Please Confirm Your US Airways Online Registration,” and so on. I personally received seven of these in three days, all for the same flight departing from Washington, D.C., but all with different confirmation numbers, so these are clearly high-volume, fairly random mass mailings, rather than targeted messages.

The link is to Check in online” for online reservation details but in reality leads to malicious websites hosting the notorious and ubiquitous Blackhole exploit toolkit, which currently is being used by the vast majority of malicious and compromised sites.

I’ll add to the drumbeat of oft-repeated advice: Don’t click on a link in an email, chat, Facebook, Twitter message etc. unless you are absolutely, positively sure of what it is and where and who it comes from. Then, before you click, stop and think about it a little more. Make sure the message is directly personally to you, preferably in response to something that is actually happening (a flight you are actually taking, something you have ordered online, an inquiry you have initiated, etc.).

To compound the experience, apparently by coincidence, my wife got a snail-mail notice from t “U.S. Airlines,” which was close enough to U.S. Airways make me think me think at first blush that this was all part of some more elaborate scam. This scam, from the fictitious airline, congratulates the recipient on winning two tickets to anywhere in the continental United States. Just contact the VP whose name appears at the bottom. Apparently unrelated, but a reminder that not all scams are on the Internet  and that the world is a pretty risky place.


You May Also Be Interested In: