Warning! British Airways e-ticket receipt malware arriving in an inbox near you

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

BA plane. Image from ShutterstockCriminals are spamming out a malware via email, posing as an e-ticket from British Airways.

If the email (shown below) looks like near-identical to a genuine email from the airline then that’s because it is. The malicious gang behind the attack appear to have taken a real email from British Airways and simply attached a ZIP file containing the supposed ticket (but really harbouring a Trojan horse).

Click on the image below for a larger screenshot of the emails, that are being sent to internet users across the planet.

British Airways malicious email. Click for larger version

Sign up to our free newsletter.
Security news, advice, and tips.

The emails all have the same subject line and file attachment, although – of course – the criminals behind the scheme could choose to change the disguise at any time.

Subject: BA e-ticket receipt
Attached file: BritishAirways-eticket.zip

It should go without saying that the emails don’t really come from British Airways. Instead the criminals behind the campaign have forged the email headers to appear as though they originated at [email protected].

Even if you weren’t planning to fly with British Airways soon, you might still open the attachment and view its contents out of curiousity. And that’s precisely what the cybercriminals are relying upon to infect as many PCs as possible.

Sophos anti-virus products intercept the malware as Troj/Invo-Zip.

Make sure that your anti-virus software is up-to-date and that your wits are about you. Always be suspicious of unsolicited email – if in doubt, don’t click on the links or open attachments in emails you weren’t expecting.

British Airways plane image from Shutterstock.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.