Fake Virgin Blue Itinerary Notifications Carry Malware

Virgin Australia has issued an alert to warn users about this spam campaign

  Fake Virgin Australia notification (click to see full)
Internet users should be on the lookout these days for emails apparently coming from virginblue.com.au. Entitled “Your Virgin Blue Itinerary,” the bogus notifications have been found to carry a dangerous piece of malware.

Internet users should be on the lookout these days for emails apparently coming from virginblue.com.au. Entitled “Your Virgin Blue Itinerary,” the bogus notifications have been found to carry a dangerous piece of malware.

Websense experts reveal that the attached file hides a malicious binary file which, when executed, alters registry entries and creates a malicious copy of the svchost.exe file.

Virgin Australia is aware of these scams and they’ve issued a warning on Twitter.

“We're aware some customers have received a fake itinerary email containing potentially harmful software. Please do not open these emails,” Virgin Australia representatives warn.

Here’s what the malicious emails look like:

“Hi,

Thank you for choosing to travel with Virgin Blue.

Your reservation number is 5TMD9F.

Virgin Blue is a ticketless airline, therefore you don’t need a ticket to travel with us. All you need to do is present photo ID and the attached itinerary. It’s that easy!
[…]

Your itinerary is in PDF format and is attached to this email. You will need Adobe Acrobat to view this itinerary – download a copy free from the Adobe website. You can also request a plain text version of the itinerary.”

1 Comment