Boy this was freaky. I booked a flight on Delta the other day. Today I received the following e-mail on an address I don't use when I book travel:
Thank you for using our new service "Buy airplane ticket Online" on our website.
Your account has been created:
Your login: <e-mail address here>
Your password: PASS2VS9
Your credit card has been charged for $941.89.
We would like to remind you that whenever you order tickets on our website you get a discount of 10%!
Attached to this message is the purchase Invoice and the airplane ticket.
To use your ticket, simply print it on a color printed, and you are set to take off for the journey!
Delta Air Lines
Being the bright guy that I am, I immediately went into investigation mode. Step one - scan the attachment and find out if its a virus. Sure enough, it turns out that it was.
Couple of things to always keep your eyes open for:
- If you're not expecting an attachment, always scan it first before opening it up.
- Always remember that anti-virus software is there as a backup to your savvy. Don't rely on it as a first layer.
- Notice that the e-mail didn't say my name. Any legit e-mail from a site such as Delta would include the recipient's name. There's also just a general lack of personal information - there is no information about the flight, the last four of the cc that was used for the charge, etc.
- Notice the typo - "..simply print it on a color printed..."
- Notice the funky English - "Buy airplane ticket Online". That was the title of the new service. Bad formatting the whole way around.
Morals of the story: If something doesn't look right it probably isn't, and don't trust attachments from anyone.