Fraudsters are using fake Delta Air Lines receipts that lack any flight information whatsoever to infect unsuspecting users with malware.
An attack begins when a user receives a fake payment confirmation email from Delta Airlines.Fake Delta Airlines receipt. (Source: Heimdal Security)
Notice anything missing?
The senders of the email don’t include any flight information in the message’s body, something that you would expect to see in a legitimate email sent by Delta. See for yourself in the example below:Legitimate Delta Air Lines receipt. (Source: Heimdal Security)
Clearly, the fake email looks different than the legitimate receipt. It also doesn’t originate from the proper sender. Valid Delta email addresses bear the “delta.com” domain, not “deltaa.com.”
Those differences notwithstanding, attackers are hopeful a recipient will click on one of the links embedded in their email. Heimdal Security’s Paul Cucu elaborates on this point in a blog post:“The email is designed to...(continued)