Users are advised to be wary when opening files attached to emails that purport to come from KLM Dutch Royal Airline. Experts have found some well-designed fake notifications that carry pieces of malware.
The spam campaign is designed to target not only KLM customers, but also other users who are led to believe that someone utilized their credit card to purchase tickets.
“Thank you for choosing KLM E-ticket. This is the itinerary and receipt. If unable to use the e-ticket, if travel plans change or if you receive this document in error, please review full information in the attached file,” the emails read.
Websense experts have analyzed these emails and they report
that the attachment is not a ticket, but a malicious executable file called “KLM-e-Ticket.pdf.exe.” Once it’s executed, the malware allows its mastermind to access the compromised machine via telnet to port 8000.