By Larry Dignan, 16 November 2011, ZDNet
Summary: A phishing attack that mimics Delta Air Lines has enough real links to lull you into thinking a bogus email is real.
A phishing scam mimics Delta Air Lines and is done so well that it may snare more than a few victims.
Below is a message that was allegedly sent from Delta. What’s the big deal? This phishing attempt includes real links to Delta in the beginning and then sprinkles in legit links to the U.S. government’s traffic agency.
Once you’re lulled into thinking the links are legit, the rest of the addresses go to the bad guys. In addition, the email contains no obvious typos. Overall, this phishing attempt is well done.
Here’s the diagram with my notes to the right.
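As an added example (not from the original article or from Delta), the Python sketch below audits every link in an HTML message instead of trusting the first few, which is the habit this phish relies on. The sample message, the reserved `.example`/`.test` host names and the `TRUSTED` allowlist are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: reserved .example/.test names stand in for the brand,
# the government site and the attacker's hosts. TRUSTED is an assumed allowlist.
SAMPLE_EMAIL = """
<a href="https://www.airline.example/">Airline home</a>
<a href="https://www.airline.example/account">Your account</a>
<a href="https://www.agency.example/travel">Travel rules</a>
<a href="http://airline.example.billing.test/receipt">www.airline.example/receipt</a>
<a href="http://203.0.113.7/invoice.zip">Download invoice</a>
"""
TRUSTED = {"airline.example", "agency.example"}

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    parts = urlsplit(url if "://" in url else "//" + url)
    return (parts.hostname or "").lower()

def is_trusted(host):
    # Whole host or dot-delimited suffix only; a substring test would pass link 4.
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def audit(html):
    """Return (host, trusted, text_mismatch) per link, in message order."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        host = host_of(href)
        shows_url = "." in text and " " not in text  # anchor text looks like a URL
        findings.append((host, is_trusted(host), shows_url and host_of(text) != host))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_EMAIL), sep="\n")
```

The first three links pass, while the fourth embeds the brand name in an unrelated host and shows a different address in its visible text, and the fifth points at a bare IP address.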
As for Delta, the airline said it is on the case and has issued an advisory.
We have recently received reports from customers of fraudulent emails claiming to be from Delta Air Lines. As such, please be advised of the following:
- We recommend you change your SkyMiles account PIN immediately and monitor your account for any misuse.
- These emails were not sent by Delta Air Lines.
- You should not click on the link in the email or open any attachments.
- Instead, you should delete the email from your inbox.
- Please call us at 1-888-750-3284 if you have questions or need further information.
These emails claim that you have purchased a Delta ticket, a credit card has been charged and/or an invoice or receipt is attached to the email. If you receive one of these emails, do not open the attachment as it may contain potentially dangerous viruses or harm your computer.
Be assured that Delta did not send these emails, and our customers’ credit cards have not been charged by Delta as a result of the emails. These emails did not originate from Delta, nor do we believe that any personal information that you provided us was used to generate these emails. We will continue to post updates on this page as additional information becomes available.