Peter’s Soapbox

I Almost Got Phished!

July 30, 2008 on 5:58 pm | In Personal, Techspeak |

Actually, I might have gotten phished, scammed, or trojaned - I really can’t tell. Anyway, I just returned from SANSFire 2008, and had the following email waiting for me in my inbox:

---

From: Emmett Dugan” US Airways <tengels@SOMENONUSAIRDOMAIN.net>
Subject: E-ticket #4118328071

Good afternoon,
Thank you for using our new service “Buy flight ticket Online” on our website.
Your account has been created:

Your login: ICHANGEDTHISADDRESS@paradigmcc.com
Your password: passWQR7

Your credit card has been charged for $487.39.
We would like to remind you that whenever you order tickets on our website you get a discount of 10%!
Attached to this message is the purchase Invoice and the airplane ticket.
To use your ticket, simply print it on a color printed, and you are set to take off for the journey!

Kind regards,
Emmett Dugan
US Airways

---

Now, what’s scary is that I flew US Air, but I didn’t give them this email address. I also didn’t pay $487.39. Also, they were nice enough to send an attachment, zipped. I saved it to a quarantined space, and looked inside. Sure enough, there’s an EXE there. I didn’t open it. Maybe I should send it do someone for analysis.

Upon consideration, I’m fairly sure this was a random thing, but it goes to show how someone could very easily be sucked in to opening an attachment from a scammer if the timing is right. If you’re sending out millions of these things, eventually something’s going to hit.