I Almost Got Phished!

July 30, 2008 on 5:58 pm | In Personal, Techspeak | Comments Off

Actually, I might have gotten phished, scammed, or trojaned – I really can’t tell. Anyway, I just returned from SANSFire 2008, and had the following email waiting for me in my inbox:

From: Emmett Dugan" US Airways <tengels@SOMENONUSAIRDOMAIN.net>
Subject: E-ticket #4118328071

Good afternoon,
Thank you for using our new service "Buy flight ticket Online" on our website.
Your account has been created:

Your login: ICHANGEDTHISADDRESS@paradigmcc.com
Your password: passWQR7

Your credit card has been charged for $487.39.
We would like to remind you that whenever you order tickets on our website you get a discount of 10%!
Attached to this message is the purchase Invoice and the airplane ticket.
To use your ticket, simply print it on a color printed, and you are set to take off for the journey!

Kind regards,
Emmett Dugan
US Airways

Now, what’s scary is that I flew US Air, but I didn’t give them this email address. I also didn’t pay $487.39. Also, they were nice enough to send an attachment, zipped. I saved it to a quarantined space, and looked inside. Sure enough, there’s an EXE there. I didn’t open it. Maybe I should send it do someone for analysis.

I’m fairly sure this was a random thing, but it goes to show how someone could very easily be sucked in to opening an attachment from a scammer if the timing is right. If you’re sending out millions of these things, eventually something’s going to hit.

No Comments yet

Sorry, the comment form is closed at this time.

Powered by WordPress with Pool theme design by Borja Fernandez.
Entries and comments feeds. Valid XHTML and CSS. ^Top^

Bad Behavior has blocked 451 access attempts in the last 7 days.