Booby-trapped emails fly back into fashion

Morons

Who falls for this? Really? This is nothing to do with technological know-how, this is recieveing airline tickets you didn't order and believing it. Doesn't anyone who's been using the internet for more than 10 minutes know you shouldn't open attachments from a source you don't know or trust?

Took someone a long time

It's taken someone a long time to spot these messages, which I have been clearing out of my inbox since the end of Summer! First one, I thought was genuine and sent back asking for it in a non-Windows-specific format (there was an .exe file inside the .zip container). When some more started appearing, I realised what they were.

"contaminated" .zip file??

WTF? The zip file is simply a benign container for a trojan executable. And who on earth with more than two brain cells to rub together is then going to execute the extracted program just received in spam?? To me, this is the biggest mystery about the whole Windows "malware epidemic"...

Only an idiot would fall for these

Neither US Airways, nor American Airlines nor Northwestern would spell the word "color" using the British "colour".

and the problem is?

Unprotected machines --- I'm using Avast and that picks up things like dodgy zip files with no problem.

If people can't even be arsed to run free software then maybe they sort of deserve it (slight caveat here as there are plenty of people who get new machines and believe that they are protected for life and not as long as the free bloatware subscription lasts).

Please be more accurate with your terminology.

Unless of course you're deliberately spreading FUD for the hell of it:

>"The mendacious "ticket receipt" messages have a .zip file attached to them which, if opened on an unprotected Windows PC, results in infection by a Trojan horse!"

Now, is that /actually/ true, or is it bullshit? Is it actually a corrupt zip file that exploits an overflow in the decoder and immediately executes code, or have you merely seriously misdescribed the situation and what you really meant to say was:

>"The mendacious "ticket receipt" messages have a .zip file attached to them which, if opened WILL REVEAL A FILE WHICH IF EXTRACTED FROM THE ARCHIVE AND THEN EXECUTED on an unprotected Windows PC, results in infection by a Trojan horse!"

Please do clarify. And don't try blaming it on the subbie, we know you don't employ any!

Alaskan Airlines too

But I gave the emails the 'cold shoulder' and 'iced' the attachments.

yawn

come on.

If anyone gets infected by this, they shouldn't be allowed on the intartubes.

Seriously, want to drop 90% of traffic? if your isp detects malware coming out of your IP address, your user id should be cut off, until your machine is cleaned.

And to open attachments of ANY kind. is just dumb. EMAIL IS NOT A FILE TRANSFER PROTOCOL PEOPLE!!!!! FTP IS!!!!!

A new strain

Yes, there was a malware attack spammed out in the summer which was similar in its use of the airline ticket disguise (I refer to it in my blog entry on the Sophos website at http://www.sophos.com/blogs/gc/g/2008/12/04/email-malware-flying-high/), but this is a new campaign which has some new characteristics - and is spreading different malware.

Why are they using such a similar cloak of disguise? Well, a simple reason - it worked before, so they're banking that it will work again. :(

This isn't about believing that you've been sent air tickets you never ordered, but believing that either an airline has screwed up or (most likely) that someone else has used your credit card to make a purchase. Naturally people get so affronted that they open the attached file without thinking of the possible security consequences.

Invo-Zip?

That name is too close to InfoZIP.