Technology

British Airways e-Ticket Malware Attack by E-mail

There have been e-mails going around claiming to be from British Airways that provides an e-Ticket for an upcoming flight booked by you.

Brandon Himpfen

2 min read
British Airways e-Ticket Malware Attack by E-mail
Photo by Arkin Si / Unsplash

There have been e-mails going around claiming to be from British Airways that provides an e-Ticket for an upcoming flight booked by you. If you have received these e-mails, you should be careful, as they could potentially contain malware.

The e-mail is a disguise from the what they are really trying to do, which is infect your computer with a variant of the malicious Win32/Spy.Zbot.AAU trojan.

The following is an example of what the e-mail looks like:

From: British Airways [mailto:BA.CustSrvcs@email.ba.com]
Subject: Your Order #70391830 / 25 feb 2014

Dear Customer,

This is a confirmation that your order has been successfully processed.

Booking reference: 9C1PWF
DEPARTURE DATE & TIME / FEB 28, 2014, 11:30 AM
DEPARTING / LONDON
TOTAL PRICE / 650 GBP

The flight number and the seat number can be located in the lower part of the ticket.

An electronic copy of the ticket can be downloaded from our website :
[LINK]

For more information regarding your order, contact us by visiting :
[LINK]

You should note that the e-mail can change or there might be variants already of it.

The e-mail seems to be from British Airways, but it's not. You should remember to excuse common sense. Did you purchase a British Airways flight recently?

So, you are now asking yourself, why would malicious users even attempt to do this? I mean, common sense would dictate that you haven't ordered a British Airways flight. What they are asking doing is using "social engineering." A term coined in information security, in which refers to psychological manipulation of people into performing actions or divulging confidential information, i.e. Did my credit card get stolen?

The trojan horse is launched to your computer when you open the e-ticket. What the trojan horse allows is computer activity spying and third party access.

This is an great example of why you should be careful when receiving these types of e-mails. If you believe your credit card has been stolen, first check your credit card statement or contact your bank. Perhaps, you could call British Airways, but whatever you do, do not open the e-mail.

You can report these e-mails to British Airways by phone or by e-mail at phishing[at]email.ba.com.