Unexpected ticket purchase at www.delta.com?

The hackers are at it again, forcing a flurry of fake flight tickets to flood your email inboxes.

It’s not a new method of tricking people into opening a malicious email attachment, but it surely works.

The latest campaign that has been spammed out claims that you have bought a ticket with Delta Air Lines. According to the email, the attached passenger itinerary receipt confirms that you paid your ticket in full and confirms your right to fly with Delta Air Lines.

Inside the attached file (delta_8612Z.zip) lurks the Troj/Inject-EW Trojan horse, however, which aims to sneak undetected onto your Windows PC for its own malicious purposes.

As always, think twice (and then, perhaps, twice again) before ever opening an unsolicited email attachment…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.