Fake Virgin Blue Itinerary Notifications Carry Malware

Virgin Australia has issued an alert to warn users about this spam campaign

By on December 14th, 2012 09:59 GMT

Internet users should be on the lookout these days for emails apparently coming from virginblue.com.au. Entitled “Your Virgin Blue Itinerary,” the bogus notifications have been found to carry a dangerous piece of malware.

Websense experts reveal that the attached file hides a malicious binary file which, when executed, alters registry entries and creates a malicious copy of the svchost.exe file.

Virgin Australia is aware of these scams and they’ve issued a warning on Twitter.

“We're aware some customers have received a fake itinerary email containing potentially harmful software. Please do not open these emails,” Virgin Australia representatives warn.

Here’s what the malicious emails look like:

“Hi,

Thank you for choosing to travel with Virgin Blue.

Your reservation number is 5TMD9F.

Virgin Blue is a ticketless airline, therefore you don’t need a ticket to travel with us. All you need to do is present photo ID and the attached itinerary. It’s that easy!
[…]

Your itinerary is in PDF format and is attached to this email. You will need Adobe Acrobat to view this itinerary – download a copy free from the Adobe website. You can also request a plain text version of the itinerary.”

1 Comment