As if airlines—and their customers—haven’t experienced enough trouble lately, scammers are pouring more salt onto the wounds of travelers: They’re sending fake e-mails that claim to be ticket confirmations or invoices from any one of several carriers—and contain a dangerous computer virus.
Phony tickets often come in an attachment to the e-mail. Opening the attachment unleashes a Trojan horse virus that steals information from the user’s computer and reportedly transmits the data to a server hosted in Russia, according to computer experts. This virus—which can give scammers access to user passwords and other sensitive information such as online bank and credit card accounts—is believed to be the same one that robbed more than 1.6 million customer records from Monster.com last year, reports Computerworld.com, a leading website for information technology professionals.
The bogus e-mails began flooding computers on July 25, purporting to be from Northwest, Delta, Frontier, Midwest or Sun Country airlines. The messages—whose subject line reads “Online order for flight ticket” or “Your order from [airline name]”—state that the recipient’s credit card has been charged for a ticket, typically around $400.
Some targeted airlines have issued advisories on their websites, warning customers not to open the attachments and assuring them that the carriers made no charges to the recipient’s credit card. Some airlines also recommend that consumers check their credit card accounts to ensure that no fraudulent charges were made.
McAfee, a computer security software company, has posted a sample of the phony airline e-mail on its website.
Should you get such an e-mail, forward it—without opening the attachment—to the U.S. Computer Emergency Readiness Team, the agency investigating this case.
Sid Kirchheimer is the author of AARP/Sterling's “Scam-Proof Your Life.”