14 DAY TRIAL // Cybercriminals are trying to trick users into handing over their email account credentials with the aid of fake notifications purporting to come from Flying Blue, the frequent flyer program of KLM and Air France.
ThreatTrack Security’s Chris Boyd says that the phishing emails are designed to lure unsuspecting recipients to a fake website where they’re instructed to hand over email account credentials and Flying Blue information.
The phishing websites spotted by experts are currently offline. However, users are advised to be on the lookout for such scams since it’s likely that the cybercriminals will set up new domains to serve their malicious purpose.
Two variants of malicious emails have been seen landing in inboxes. One of them reads something like this:
“Some Flying Blue members report receiving an e-mail in which they are advised to secure their ‘Air France-KLM account’ by clicking on a link and logging into the ‘secured Flying Blue network’.
This e-mail was not sent by AIR FRANCE, KLM or Flying Blue. Do not log in using this link. Please make sure that you only log into your Flying Blue account if you are in the trusted Flying Blue environment.”
Another variant reads:
“Dear Esteemed Customer, We have added extra security to your Air France-KLM Flying Blue account to prevent identity theft on your account. To secure your Air France-KLM account, click the link below.
Note: You need to login using your email address and password to access before you can access the secured Flying Blue network.”
Flying Blue is aware of these scams. The company warns customers to avoid clicking on “You have one new message” emails that instruct them to secure their Air France – KLM accounts.
“If you click on the link and enter your details, your Flying Blue number and PIN code will be copied by fraudsters who can then control your account. Please make sure that you only log into your Flying Blue account if you are in the trusted Flying Blue environment,” the company warns.
Those who have clicked on the link and provided their information are advised to immediately check their accounts and change their passwords. If you’re locked out of your account, contact the Flying Blue Service Center.