Airline Phishing Attack

Does your firm travel often? You may be a target for an airline phishing scam that has a 90% success rate!

Thanks to scans run by Barracuda Networks, it has been discovered that attackers are using social engineering to develop legitimate looking emails that mirror airline flight confirmations. These emails appear in a user’s inbox and contain a PDF version of an airline ticket. The PDF is infected with malware and once opened the files on your computer can become encrypted. Now the attacker can lock you out of your firm’s files and demand ransom just to regain access.

What is Social Engineering?

These attacks are not random.  The high success rate of these attacks is made possible thanks to social engineering.  Attackers do extensive research not only to know who travels at your firm, but also who orders tickets and coordinates hotels. With this rich information, it becomes easy to trick either the administrator booking the trip or the employee who is expecting to travel.  Then, with the ability to fool a recipient into believing the email is legitimate, they get people to click on attachments that install malware on the user’s computer.

How to Prevent These Attacks:

Having a multi-layered security plan in place that involves end user training (human firewalls), testing of email attachments for malware or viruses, GEO-blocking of international IP traffic, whitelisting and more can insulate you from these type of attacks – but nothing is 100% safe.  Click HERE for more details on how to protect your firm.

Leave a Comment