TotalDefense reports a phishing attack in the disguise of airline ticket confirmation from a fake Delta airlines email id. This malware is a variant of Zeus – which steals valuable information upon clicking the email. Visit http://blogs.totaldefense.com/securityblog.aspx

1. Fake email supposedly sent by Delta Airlines.
If you get an e-mail from the American airline - ‘Delta’ where you are asked to confirm the purchase of
a ticket you allegedly purchased using your credit card, it is quite possible that this is a cyber-attack
designed to tempt you into clicking a link, which in turn will infect your computer with malware.
The malware, is a variant of the malicious Zeus, which is known for several years and aims to take over
the victim's computer and steal valuable information from it.
The pattern is actually a direct phishing attack that is characterized by a relatively high level of
sophistication, which is optimized for the victim’s profile in order to lure the recipient into running the
malware. This is an innocent looking email supposedly sent by Delta Airlines. The subject line of the
mail is carrying an order number and confirmation e-mail that states that ‘your credit card order was
executed’ and the flight details and the cost of the ticket. The recipient is asked to click on the
attached link in order to print the e-ticket.
It seems that the source of the malware is in Russia since the malware contains characters in the
Russian language and similar attacks were previously established from Algeria. The pattern of the Zeus
code is different in the present case in the way that previous attacks used to send fake offers to
download screensaver to the victim’s computer.
With over 90% of all direct phishing attacks performed via email, targeted phishing is a new type of
sophisticated scam. This time it is used in gathering specific information and personal data on the
victim and organization in order to look relevant and innocent. The e-mail that contains the tuned
phishing, can reach the victim by using his name, position or rank in the organization instead of using a
general appeal as was common in phishing attacks. The high amount of e-mails sent shows the desire of
the hackers to hit as many possible number of users as possible.
About TotalDefense:
Total Defense(@Total_Defense) is a global leader in malware detection and anti-crimeware solutions.
We offer a broad portfolio of leading security products for the consumer market used by over four
million consumers worldwide. Our solutions also include the industry’s first complete cloud security
platform, providing fully integrated endpoint, web and email security through a single Web-based
management console with a single set of enforceable security policies
Total Defense is a former business of CA Technologies, one of the largest software companies in the
world, and has operations in New York, California, Europe, Israel and Asia.
Visit http://www.totaldefense.com/ for web, cloud & mobile security solutions for home users and
businesses.
Copyright © 2013 TotalDefense, Inc. | All rights reserved www.totaldefense.com
Page 1