{"id":27881,"date":"2013-03-20T18:10:55","date_gmt":"2013-03-20T08:10:55","guid":{"rendered":"http:\/\/power-up.space\/?p=27881"},"modified":"2013-03-20T18:10:55","modified_gmt":"2013-03-20T08:10:55","slug":"scammers-unleash-the-holiday-malware-campaigns-earlier","status":"publish","type":"post","link":"https:\/\/www.impulsegamer.com\/wordpress\/?p=27881","title":{"rendered":"Scammers unleash the holiday malware campaigns earlier"},"content":{"rendered":"<p>Scammers unleash the holiday malware campaigns earlier<\/p>\n<p><b>Sydney\/Auckland \u2013 March 20, 2013<\/b> \u2013 As the travel industry heavily started promoting holiday deals earlier; scammers, too, have plunged into the trend with spammed malware campaigns using holiday hooks. Flight confirmation emails are the top lure this season, followed by hotel deals, extravagant cruise packages and vacation loans.<\/p>\n<p>In season, holiday spam can reach up for up to 6% of all spam. And if a regular \u201cbusiness spam day\u201d means some 1.8 million messages, at the season peak we are talking about approximately 108000 holiday-themed pieces a day of which bogus flight confirmations are most spread.<\/p>\n<p><b>Airline confirmation emails or receipts<\/b> make up nearly 60 percent of all summer holiday spam this year. These messages usually deliver malware in an attachment or link to dangerous webpages.<\/p>\n<p>The second-most spread seasonal scam variety is the <b>fake newsletter promoting early-booking bargains<\/b> at luxury vacation destinations across the globe. These messages are drafted in different languages to match the locations they advertise.<\/p>\n<p>Cruise packages, travel insurance offers and holiday loans are also used to bait people planning the perfect summer escape.<\/p>\n<p>Bitdefender also found that Delta Air Lines and US Airways were the most targeted, being two of the biggest airline companies in the US serving each year millions of customers all across the globe. More customers mean better chances for such scams to pay off.<\/p>\n<p>To protect yourself, check out some tips on how stay safe while planning and enjoying the perfect holiday:<\/p>\n<ul>\n<li>Research the website you\u2019re using before you book a flight or make a hotel reservation.<\/li>\n<li>Look what other people have to say about a certain ticketing \/ booking website. Read their comments and feedback on that site\u2019s services.<\/li>\n<li>Try to get in contact with a representative of the company, who can provide you with as many details about the seat or the vacation venue as possible.\n<ul>\n<li>Do not click links embedded in e-mails that pop up in your inbox if you haven\u2019t specifically asked for travel offers or flight reservations. And never open files attached to these e-mails.<\/li>\n<li>When you leave for the vacation of your dreams, don\u2019t announce it on social networks. An empty house can be extremely tempting for burglars. Securing your virtual world can help secure your physical one.<\/li>\n<li>Avoid shopping online or checking e-banking and credit accounts when using public WiFi hotspots such as those in airports, coffee shops or malls. Don\u2019t do it via the hotspot in your hotel either.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>And for more details on specific scams found in the wild, keeping reading:<\/p>\n<p>A recent holiday spam campaign aiming at the budget of vacation planners is the highly seasonal \u201cYour eTicket\u201d spam campaign targeting Delta Air Lines customers. The message demands people confirm their flight reservation with Delta and check the information in an attached PDF file.<\/p>\n<p>The attachment hides a variant of the very dangerous Sirefef &#8211; a Trojan with rootkit capabilities that will mess with users\u2019 OSs and create a perfect vulnerable environment for other malware families to target the victim.<\/p>\n<p>US Airways customers must watch out for dedicated spam messages inviting them to confirm a flight code. Some such samples have links that redirect users to a webpage advertising a \u201cmiraculous weight loss plant.\u201d Others, with exactly the same name and appearance, lead users to a page associated with the BlackHole Exploit Kit to expose them to an exploit kit that silently reads a user\u2019s browser configuration, looks for breaches then slams it with malware \u2013 all without the user\u2019s interaction.<\/p>\n<p>A classic spam tactic at the dawn of holiday planning is the appealing discount for in-advance reservations in luxurious hotels in Peru, India or exotic islands in the Pacific Ocean.<\/p>\n<p>While some samples are merely annoying, others have malicious links and malware in attachments. If it\u2019s spam, treat it with caution!<\/p>\n<p>Campaigners aim also at employees with unsolicited messages presenting venues for team buildings, conferences, product launches or other business activities.<\/p>\n<p>An attack is not always about the person who received the message. Sometimes they are the means to a bigger aim, such as the person\u2019s employer. The employee must never give an attacker with a way in.<\/p>\n<p>Scammers targeting vacation-goers may have various aims: to gather contacts to build a victim network for future malicious and spam campaigns, to collect card details, personal details for impersonations, money-muling or FTP accounts to be used for hosting malware at the expense of the victim. It all depends on the attacker\u2019s agenda.<\/p>\n<p><i>Note: All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.<\/i><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Scammers unleash the holiday malware campaigns earlier Sydney\/Auckland \u2013 March 20, 2013 \u2013 As the travel industry heavily started promoting holiday deals earlier; scammers, too, have plunged into the trend with spammed malware campaigns using holiday hooks. Flight confirmation emails are the top lure this season, followed by hotel deals, extravagant cruise packages and vacation<\/p>\n<p class=\"more-link\"><a href=\"https:\/\/www.impulsegamer.com\/wordpress\/?p=27881\">Read More\u2026<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[],"class_list":["post-27881","post","type-post","status-publish","format-standard","hentry","category-software-news"],"_links":{"self":[{"href":"https:\/\/www.impulsegamer.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/27881","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.impulsegamer.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.impulsegamer.com\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.impulsegamer.com\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.impulsegamer.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=27881"}],"version-history":[{"count":1,"href":"https:\/\/www.impulsegamer.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/27881\/revisions"}],"predecessor-version":[{"id":27882,"href":"https:\/\/www.impulsegamer.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/27881\/revisions\/27882"}],"wp:attachment":[{"href":"https:\/\/www.impulsegamer.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=27881"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.impulsegamer.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=27881"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.impulsegamer.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=27881"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}