Unexpected ticket purchase at www.delta.com?

The hackers are at it again, forcing a flurry of fake flight tickets to flood your email inboxes.

It’s not a new method of tricking people into opening a malicious email attachment, but it surely works.

The latest campaign that has been spammed out claims that you have bought a ticket with Delta Air Lines. According to the email, the attached passenger itinerary receipt confirms that you paid your ticket in full and confirms your right to fly with Delta Air Lines.

Malicious email claiming to come from Delta airlines

Sign up to our free newsletter.
Security news, advice, and tips.

Inside the attached file (delta_8612Z.zip) lurks the Troj/Inject-EW Trojan horse, however, which aims to sneak undetected onto your Windows PC for its own malicious purposes.

As always, think twice (and then, perhaps, twice again) before ever opening an unsolicited email attachment.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.