Jul 25, 2011 13:30 GMT

Security researchers warn that frequent flyers are increasingly targeted in phishing attacks and that accumulated air miles have become a currency on underground markets.

According to Kaspersky Lab expert Fabio Assolini, multiple phishing attacks targeting airline loyalty programs have been spotted in Brazil recently.

"The attacks involve the sending of phishing messages in mass mailings that promise more points in a frequent flyer program or offer a supposed prize," the expert notes.

In some cases, phishers register domains that incorporate the name of local airlines and use them to host spoofed websites.

In addition to the classic email spam, some attackers are also using DNS hijacking techniques by distributing trojans that introduce rogue entries into Windows HOSTS files.
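A defender-side check for the rogue HOSTS entries described above, as an added example that is not from the article or from Kaspersky Lab. It parses HOSTS-format text and reports any watched domain that has been pinned to an address; the sample file, the `airline.example` domain and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample HOSTS content; every name and address is a placeholder.
SAMPLE_HOSTS = """\
# constructed sample, not taken from an infected machine
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.tracker.example      # local blocklist entry
203.0.113.45    www.airline.example airline.example
198.51.100.7    MILES.airline.example.   # added by unknown software
10.0.0.12       intranet.corp.example
"""

# Hypothetical domains of the loyalty programs you want to protect.
WATCHED_SUFFIXES = ("airline.example",)


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for each mapping in HOSTS-format text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # first field is not an IP literal
        for host in fields[1:]:                 # one line may map several names
            yield line_no, ip, host.lower().rstrip(".")


def audit_hosts(text, watched=WATCHED_SUFFIXES):
    """Return (line_no, host, ip, verdict) for watched names pinned in HOSTS."""
    findings = []
    for line_no, ip, host in parse_hosts(text):
        if not any(host == s or host.endswith("." + s) for s in watched):
            continue
        # Loopback or 0.0.0.0 only blocks the site; any other address
        # silently sends the browser to a server DNS would not have chosen.
        verdict = "blocked" if ip.is_loopback or ip.is_unspecified else "redirected"
        findings.append((line_no, host, str(ip), verdict))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

On a Windows machine the text to audit is the content of `%SystemRoot%\System32\drivers\etc\hosts`; a watched domain normally has no entry there at all, so any "redirected" finding deserves investigation.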

Unlike online banking accounts, those associated with airline websites are easy to take over. All that attackers need is the victim's customer registration number and password.

One Brazilian victim recently complained in local media that phishers had stolen accumulated air miles valued at around $7,600 from his account. "In general it's not possible to transfer the miles to another person, but the bad guys issue the tickets using the name of money-mules or using a fake ID," Assolini explains.

Searching underground forums and chat rooms, one can find various offers from hackers who are selling botnet access and other services for air miles.

But Brazil is not the only country where frequent flyers are being targeted. Back in June, researchers from security vendor Trusteer identified a version of the SpyEye trojan that stole credentials for Air Berlin, Germany's second-largest airline, and AirPlus, a provider of travel payment services.

"If you have miles accumulated in an airline company, stay alert and don’t react to any suspicious messages you may receive by email," the Kaspersky expert advises.