Tuesday, October 14, 2008

E-ticket Virus

Boy this was freaky. I booked a flight on Delta the other day. Today I received the following e-mail on an address I don't use when I book travel:

Good afternoon,

Thank you for using our new service "Buy airplane ticket Online" on our website.

Your account has been created:

Your login: <e-mail address here>

Your password: PASS2VS9

Your credit card has been charged for $941.89.

We would like to remind you that whenever you order tickets on our website you get a discount of 10%!

Attached to this message is the purchase Invoice and the airplane ticket.

To use your ticket, simply print it on a color printed, and you are set to take off for the journey!

Kind regards,

Delta Air Lines

Being the bright guy that I am, I immediately went into investigation mode. Step one - scan the attachment and find out if its a virus. Sure enough, it turns out that it was.

Couple of things to always keep your eyes open for:

  1. If you're not expecting an attachment, always scan it first before opening it up.
  2. Always remember that anti-virus software is there as a backup to your savvy. Don't rely on it as a first layer.
  3. Notice that the e-mail didn't say my name. Any legit e-mail from a site such as Delta would include the recipient's name. There's also just a general lack of personal information - there is no information about the flight, the last four of the cc that was used for the charge, etc.
  4. Notice the typo - "..simply print it on a color printed..."
  5. Notice the funky English - "Buy airplane ticket Online". That was the title of the new service. Bad formatting the whole way around.

Morals of the story: If something doesn't look right it probably isn't, and don't trust attachments from anyone.

1 comment:

~B said...

Good call. I just received an email from Citibank that looked legitimate and wasn't unexpected, but when I clicked the URL that said www.citibank.com (I know, I know, I shouldn't have clicked it) the actual URL that showed up had the words "ethiopia" and "coffee" in it somewhere. Freaky. I reported it to the Citi-fraud address and promised myself that I would be slightly more cynical when it comes to emails.