Warning! British Airways e-ticket receipt malware arriving in an inbox near you

Graham Cluley
Graham Cluley
@[email protected]

BA plane. Image from ShutterstockCriminals are spamming out a malware via email, posing as an e-ticket from British Airways.

If the email (shown below) looks like near-identical to a genuine email from the airline then that’s because it is. The malicious gang behind the attack appear to have taken a real email from British Airways and simply attached a ZIP file containing the supposed ticket (but really harbouring a Trojan horse).

Click on the image below for a larger screenshot of the emails, that are being sent to internet users across the planet.

British Airways malicious email. Click for larger version

The emails all have the same subject line and file attachment, although – of course – the criminals behind the scheme could choose to change the disguise at any time.

Subject: BA e-ticket receipt
Attached file: BritishAirways-eticket.zip

It should go without saying that the emails don’t really come from British Airways. Instead the criminals behind the campaign have forged the email headers to appear as though they originated at [email protected].

Even if you weren’t planning to fly with British Airways soon, you might still open the attachment and view its contents out of curiousity. And that’s precisely what the cybercriminals are relying upon to infect as many PCs as possible.

Sophos anti-virus products intercept the malware as Troj/Invo-Zip.

Make sure that your anti-virus software is up-to-date and that your wits are about you. Always be suspicious of unsolicited email – if in doubt, don’t click on the links or open attachments in emails you weren’t expecting.

British Airways plane image from Shutterstock.

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.