Our friends at KnowBe4 are warning about a pretty malicious email phishing attack that spoofs airline confirmation or flight update messages. The hackers are getting better all the time and this latest attack looks as real as they come.
Hackers are researching individuals on social media and when they detect you are about to travel or planning travel, they target you with what appear to be legitimate messages from the airline you may be booking with. They are spoofing the from address, so play close attention to verifying the from address, making sure it isn’t missing a letter or using a close, but false domain like firstname.lastname@example.org. I’m just using Delta as an example here. You could insert any airline name in place of Delta in this example. Airlines typically just use their name for their domain, so anything other than that should be an immediate red flag.
Airlines also do not attach PDF or other types of document attachments to confirmation and update messages. Never open one, it’s surely a trick. Once you have your ticket booked, check for updated information directly on the airline web site, even if you get an email about a change or update. If you click the link or attachment in the email, it’s more than likely that you are allowing malicious hacker code onto your computer and therefore compromising your network.
Play it safe and don’t let the hackers take off with your personal information and ruin your trip.