14 DAY TRIAL // Every once in a while the classic American Airlines scams make a comeback. The latest of these phishing emails has been received by many users and, unlike the previous variants, this one is much better designed.
Apparently originating from an “aa.globalnotifications.com” email address, the message informs the recipient that a ticket has been purchased using his/her credit card. However, compared to older versions, this one actually contains the name of the passenger for whom the ticket was bought.
Users who rush to click on the links to learn more details of the transaction are taken to a webpage hosted on the hijacked site of a travel company from the Philippines.
The company quickly removed the malicious page, but that doesn’t necessarily mean that this is the end of the scheme.
The cybercriminals that run it have most likely compromised a number of domains, some of which from China, according to Spyware Sucks.