Bogus Delta receipt confirmation leads to malware
Posted on 06.03.2013
Once again, Delta Air Lines customers are being targeted with spoofed emails supposedly carrying their eTicket, and are urged to download and open the attached PDF file purportedly containing it, or to follow offered links to it.

Some of the emails contain instructions about baggage, check-in and other requirements, as well as a short itinerary for the flights - all in the hopes of tricking the recipient into believing that the message is legitimate.

Others are peppered with links that will supposedly take you to the Itineraries page of the Delta website:

Unfortunately, the only thing that you can get from doing this is a piece of information-stealing malware installed on your computer.

Delta Air Lines is obviously aware of the spam run impersonating the company, and is warning its customers against it.

"These messages may claim that you have purchased a Delta ticket, a credit card has been charged, order has been completed, an invoice/receipt is attached to an email or website may offer free flights for following or liking an account," they point out.

"If you see or receive one of these messages, do not open attachments as it may contain potentially dangerous viruses or harm your computer. Be assured that Delta did not send these messages, and our customers’ credit cards have not been charged by Delta as a result of the emails. These messages did not originate from Delta, nor do we believe that any personal information that you provided us was used."


More than 900 embedded devices share hard-coded certs, SSH host keys

SEC Consult analyzed firmware images of more than 4000 embedded devices of over 70 vendors and found that, in some cases, there are nearly half a million devices on the web using the same certificate.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Nov 26th