31 July 2008

As with the recent spate of UPS themed spammed out malware, comes the E-Ticket one.
The idea is the same - ?Thanks for using our service blah blah blah ?.. here is the attached recipt/invoice?

The messages so far have a subject of ?E-Ticket #XXXXXXXXXX? and have the following outline

Greetings,
Thank you for using our new service ?Buy flight ticket Online? on our website.
Your account has been created:

Your login: xxxx@yyyyy.zzz
Your password: somepassword

Your credit card has been charged for $474.46.
We would like to remind you that whenever you order tickets on our website you get a discount of 10%!
Attached to this message is the purchase Invoice and the flight ticket.
To use your ticket, simply print it on a color printed, and you are set to take off for the journey!

Kind regards,
Jane Citizen
Some Prominent Airline Company

The attachment is unsurprisingly called eTicket#XXXX.zip, which contains the malware, detected as Troj/Zbot-AE.

More: http://www.sophos.com/security/blog/2008/07/1604.html