Blog

The Evil Airline Phishing Attack

  |  Posted by

Imagine clicking on an attachment in an email confirmation for an online purchase or hotel reservation and being greeted by an urgent pop-up that reads, “A virus has been detected due to suspicious activity. Click here to run a diagnostic on your computer hard drive.” Seems like good advice, right? Before clicking OK, you might want to learn more about a new email phishing scam.

Known as the evil airline phishing attack, this scam is a two-wave social engineering scam that attempts to take over your computer and steal sensitive personal information—or both— potentially leading to identity theft or damage to your computer. What makes this especially alarming is that recent research says this scam is successful about 90 percent of the time‡.

The scam targets individuals who frequently book travel or shop online and are familiar with receiving email confirmations on purchases or bookings. Like other phishing scams, cybercriminals research online and offline before sending these authentic looking emails. The subject line will look something like this:

When the victim receives the email, the two-wave phishing attack begins:

  • First wave: Opening the message signals to the cybercriminal that the email address is authentic and has been received by a real person.
  • Second wave: Inside the email is an authentic-looking attachment such as a .pdf or .docx file. This file is masquerading as a travel confirmation or purchase receipt with malware‡ embedded in it. If the attachment is opened, the malware springs into action impacting your data and computer.

The goal of these cybercriminals is to:

  • Trick you into clicking links and opening attachments which can secretly infect your computer or device
  • Access and steal your information (e.g. usernames, passwords, credit card numbers, etc.)
  • Make transactions, file fraudulent tax returns, use you or your children’s identity, share sensitive medical data with other hackers and a variety of other activities

How can you help protect yourself?

  • First defense: Desktops, laptops, tablets and even mobile devices are at risk of this attack. Install antivirus protection on your electronic devices (including tablets and mobile phones) and keep your hardware and software updated.
  • Second defense: Never click on links or attachments in emails you aren’t expecting. If something looks “phishy,” it probably is. If you have questions or concerns about any electronic communication, go to the company’s website to confirm details or contact them directly.
  • Final defense: Communicate with your coworkers, friends and family. One of the best ways to keep from falling victim is to ask questions, open dialogue and stay informed.

For more information to stay cyber aware, visit UMB’s Security and Privacy page.

When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.


Ms. Flores serves as senior vice president and Chief Information Security Officer, providing oversight of UMB’s information security and privacy programs. She joined UMB in 2010 and more than 15 years of experience in information technology and information security. She attended Kansas State University with a focus on management information systems and is a Certified Information Security Manager (CISM), Certified Information Privacy Professional (CIPP/US) and Certified Information Systems Auditor (CISA).


Tagged: , , , , , ,