Cybercriminals are targeting US Airways customers with malicious spam emails containing a link that, once clicked, initiates a series of redirects, eventually leading users to a domain hosting the Blackhole exploit kit.
The fraudulent email presents itself as a check-in notification from US Airways. After a brief description of check-in procedures, there is a hyperlink that claims to lead to ‘online reservation details,’ but actually ends up taking victims to a page that infects them with the Zeus trojan.
According to Securelist’s Dmitry Tarakanov, the cybercriminals responsible are hopeful that someone receiving this email is flying somewhere sometime soon. However, most of the users targeted were not flying anywhere on the day in question, and, therefore, did not click the link.
Such highly targeted attacks are increasingly commonplace. As non-technical users wise up to the realities of Internet security, attackers and social engineers must find new ways to establish a trust with their victims. Mac users caught a rare glimpse of what targeted attacks look like late last month after a trojan targeting Tibetan non-governmental organizations surfaced.