Internet users should be on the lookout these days for emails apparently coming from virginblue.com.au. Entitled “Your Virgin Blue Itinerary,” the bogus notifications have been found to carry a dangerous piece of malware.
Websense experts reveal that the attached file hides a malicious binary file which, when executed, alters registry entries and creates a malicious copy of the svchost.exe file.
Virgin Australia is aware of these scams and they’ve issued a warning on Twitter.
“We're aware some customers have received a fake itinerary email containing potentially harmful software. Please do not open these emails,” Virgin Australia representatives warn.
Here’s what the malicious emails look like:
“Hi,
Thank you for choosing to travel with Virgin Blue.
Your reservation number is 5TMD9F.
Virgin Blue is a ticketless airline, therefore you don’t need a ticket to travel with us. All you need to do is present photo ID and the attached itinerary. It’s that easy! […]
Your itinerary is in PDF format and is attached to this email. You will need Adobe Acrobat to view this itinerary – download a copy free from the Adobe website. You can also request a plain text version of the itinerary.”