{"id":884,"date":"2019-04-06T19:33:27","date_gmt":"2019-04-06T19:33:27","guid":{"rendered":"http:\/\/www.syyhoaxanalyzer.com\/?p=884"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T17:00:00","slug":"American-Airlines,-'eTicket-Itinerary-and-Receipt-Confirmation'-Malware-Email","status":"publish","type":"post","link":"https:\/\/www.syyhoaxanalyzer.com\/?p=884","title":{"rendered":"American Airlines, &#8216;eTicket Itinerary and Receipt Confirmation&#8217; Malware Email"},"content":{"rendered":"<div>\n<p>This email, which purports to be from American Airlines, claims to be an &#8216;eTicket Itinerary and Receipt Confirmation&#8217; and claims that you can print out your flight ticket by opening an attached Microsoft Word document. \u00a0 <\/p>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HS Net Top Content Responsive --><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"4870821038\"\n     data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<p>The email includes information supposedly pertaining to the ticket purchase and features seemingly legitimate American Airlines formatting and related graphics. Links in the message open the genuine American Airlines website.<\/p>\n<p>However, despite appearances, the email is not from American Airlines and the attached file does not contain flight tickets.<\/p>\n<p>Instead, opening the attached file can lead to a malware infection.<\/p>\n<p>The attachment is a seemingly harmless Microsoft Word (.doc) file and you may, therefore, be inclined to open it without due concern. But, if you do open the attachment, a popup message will state that you must enable macros before the file can be viewed correctly.<\/p>\n<p>If you do enable macros as suggested, a malicious macro can then run. The macro can download further malware components and install them on your computer. Once installed, this malware may steal information such as banking passwords, download even more malware, and allow criminals to take control of the infected computer.<\/p>\n<p>To clarify, a &#8216;macro&#8217; in this context is a group of instructions that can act as a single command in order to automatically carry out a specified task. Macros can save time by making repetitive tasks easier to achieve. Microsoft Office programs and other types of software allow you to create your own macros as required to aid your workflow.<\/p>\n<p>However, macros can also be used maliciously. In the past, macro virus threats were common. Thankfully, later versions of Microsoft Office disabled macros by default thereby lessening the threat posed by macro viruses. But, online criminals are \u00a0<a title=\"Macro Virus Threat Returns - Beware Emails With Malicious Word Attachments\" href=\"http:\/\/www.hoax-slayer.com\/word-macro-malware-emails.shtml\">again using macros \u00a0<\/a>to trick people into installing malware. Unless you have a specific need to use macros and are aware of the potential risks, you would be wise to leave macros disabled. \u00a0<\/p>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block; text-align:center;\"\n     data-ad-format=\"fluid\"\n     data-ad-layout=\"in-article\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"9162856233\"><\/ins><br \/>\n<script>\n     (adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<p> Emails like this one use simple social engineering tricks to get people to infect their computers. Some people who receive the email may think that their credit card has been fraudulently used to purchase airlines tickets and open the attachment in the hope of getting more information. Some may open the attachment because they think a mistake has been made or are simply curious. And some may have recently purchased American Airline tickets and therefore be especially vulnerable.<\/p>\n<p>Criminals have used \u00a0<a title=\"Virgin Australia eTicket Malware Email\" href=\"http:\/\/www.hoax-slayer.com\/virgin-australia-eticket-malware.shtml\">very similar ruses<\/a> \u00a0in the past to \u00a0<a title=\"Qantas 'E-Ticket Itinerary Receipt' Malware Email\" href=\"http:\/\/www.hoax-slayer.com\/qantas-flight-itinerary.shtml\">distribute malware<\/a>. If you receive one of these fake airline ticket emails, do not open any attachments that it contains even if they appear to be innocuous Microsoft Office documents.<\/p>\n<h3 class=\"noMargin\">Example<\/h3>\n<div class=\"example\">\n<p><strong>Subject: E-Ticket Confirmation<\/strong><\/p>\n<p><a href=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/american-airlines-eticket-itinerary-malware-email-1.jpg\" data-rel=\"penci-gallery-image-content\" ><img loading=\"lazy\" decoding=\"async\" data-attachment-id=\"19255\" data-permalink=\"https:\/\/www.hoax-slayer.net\/american-airlines-eticket-itinerary-and-receipt-confirmation-malware-email\/american-airlines-eticket-itinerary-malware-email-1\/\" data-orig-file=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/american-airlines-eticket-itinerary-malware-email-1.jpg\" data-orig-size=\"600,900\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"american-airlines-eticket-itinerary-malware-email-1\" data-image-description=\"\" data-medium-file=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/american-airlines-eticket-itinerary-malware-email-1-200x300.jpg\" data-large-file=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/american-airlines-eticket-itinerary-malware-email-1.jpg\" class=\"aligncenter size-full wp-image-19255\" src=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/american-airlines-eticket-itinerary-malware-email-1.jpg\" alt=\"American Airlines ETicket Malware Email\" width=\"600\" height=\"900\" srcset=\"https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/american-airlines-eticket-itinerary-malware-email-1.jpg 600w, https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/american-airlines-eticket-itinerary-malware-email-1-200x300.jpg 200w, https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/american-airlines-eticket-itinerary-malware-email-1-500x750.jpg 500w, https:\/\/www.hoax-slayer.net\/wp-content\/uploads\/2018\/03\/american-airlines-eticket-itinerary-malware-email-1-585x878.jpg 585w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/a><\/p>\n<p>Attached file: &#8216;ticket_AA77799543.doc&#8217;<\/p>\n<\/div>\n<p><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- Third Content Ad Responsive --><br \/>\n<ins class=\"adsbygoogle\"\n     style=\"display:block\"\n     data-ad-client=\"ca-pub-0355887770822260\"\n     data-ad-slot=\"1909104632\"\n     data-ad-format=\"auto\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/p>\n<div align=\"center\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- HS Net Bottom AdLinks --><br \/>\n<ins class=\"adsbygoogle\" style=\"display: block;\" data-ad-client=\"ca-pub-0355887770822260\" data-ad-slot=\"1358951439\" data-ad-format=\"link\"><\/ins><br \/>\n<script>\n(adsbygoogle = window.adsbygoogle || []).push({});\n<\/script><\/div>\n<p><\/br><\/br> Original Source : <a href=\"https:\/\/www.hoax-slayer.net\/american-airlines-eticket-itinerary-and-receipt-confirmation-malware-email\/\" target=\"_blank\">https:\/\/www.hoax-slayer.net\/american-airlines-eticket-itinerary-and-receipt-confirmation-malware-email\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This email, which purports to be from American Airlines, claims to be an &#8216;eTicket Itinerary and Receipt Confirmation&#8217; and claims that you can print out your flight ticket by opening an attached Microsoft Word document. \u00a0 The email includes information supposedly pertaining to the ticket purchase and features seemingly legitimate American Airlines formatting and related [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":6890,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-884","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hoax-inggris"],"_links":{"self":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts\/884"}],"collection":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=884"}],"version-history":[{"count":0,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/posts\/884\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=\/wp\/v2\/media\/6890"}],"wp:attachment":[{"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=884"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=884"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.syyhoaxanalyzer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=884"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}