Malware poses as booking confirmation email from Welsh seaside hotel

Atlantic Hotel bedA seaside hotel in Pembrokeshire, South West Wales, has become the unwilling participant in a widespread malware attack spammed around the world.

Computer users have received emails claiming to be a booking confirmation from the Atlantic Hotel in Tenby.

But the truth of the matter is that the emails don’t come from the hotel at all, but are instead designed to trick curious recipients into opening the dangerous file attached.

Here is what a typical email sent out in the malware campaign looks like:

Malicious hotel email

Subject:Fw: Atlantic Hotel


Further to our telephone conversation, please find attached confirmation of your booking with us.

We would like to thank you for making this reservation and we look forward to greeting you at the Atlantic Hotel on the 20th March 2013.

Yours sincerely,
Duty Manager

Attached to the email is a file called “AtlanticHotel Booking”, which contains a malicious Trojan horse.

Sign up to our free newsletter.
Security news, advice, and tips.

Sophos products detect the attack as the Troj/Agent-AAQY Trojan horse, designed to hijack your Windows computer and give remote access to malicious hackers.

The Atlantic Hotel is clearly unimpressed with the malware campaign bringing its name into disrepute, and has put a note on the front page of its website:

Hotel website

Please Note

The Atlantic Hotel domain is currently being used to ‘spoof’ emails containing a ‘trojan’ attachment ending in the words booking We are aware of this and are trying to combat the situation, please delete any email with an attachment purporting to be from us. These emails originate somewhere other than on our server and so we have no control over them.

As always, the best defence is to keep your anti-virus defences updated and always think twice before opening unsolicited email attachments.

PS. For those thinking of nipping off to Tenby for a quick holiday here’s a weather report. It’s currently cloudy, with the prospect of rain showers later.

It’s a bracing 4℃ (that’s 39℉), so there’s probably no need to pack any suntan lotion.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.