Between the Lines

Larry Dignan, Andrew Nusca and Rachel King
Home / News & Blogs / Between the Lines

Beware the Delta Air Lines phishing attack

By | November 16, 2011, 6:52am PST

Summary: A phishing attack that mimics Delta Air Lines has enough real links to lull you into thinking a bogus email is real.

A phishing scam mimics Delta Air Lines and is done so well that it may snare more than a few victims.

Below is a message that was sent allegedly from Delta. What’s the big deal? This phishing attempt includes real links to Delta in the beginning and then sprinkles in legit addresses to the U.S. government’s traffic agency.

Once you’re lulled into thinking the links are legit, the rest of the addresses go to the bad guys. In addition, the email contains no obvious typos. Overall, this phishing attempt is well done.

Here’s the diagram with my notes to the right (click to enlarge).

As for Delta, the airline said it is on the case and has issued an advisory.

We have recently received reports from customers of fraudulent emails claiming to be from Delta Air Lines. As such, please be advised of the following:

  • We recommend you change your SkyMiles account PIN immediately and monitor your account for any misuse.
  • These emails were not sent by Delta Air Lines.
  • You should not click on the link in the email or open any attachments.
  • Instead, you should delete the email from your inbox.
  • Please call us at 1-888-750-3284 if you have questions or need further information.

These emails claim that you have purchased a Delta ticket, a credit card has been charged and/or an invoice or receipt is attached to the email. If you receive one of these emails, do not open the attachment as it may contain potentially dangerous viruses or harm your computer.

Be assured that Delta did not send these emails, and our customers’ credit cards have not been charged by Delta as a result of the emails. These emails did not originate from Delta, nor do we believe that any personal information that you provided us was used to generate these emails. We will continue to post updates on this page as additional information becomes available.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Between the Lines”

Topics

Delta Air Lines Inc., E-mail, Travel, Phishing, Online Communications, Security, Spam And Phishing, Larry Dignan

Larry Dignan is Editor in Chief of ZDNet and SmartPlanet as well as Editorial Director of ZDNet's sister site TechRepublic.

Disclosure

Larry Dignan

Larry Dignan has nothing to disclose. He doesn’t hold investments in the technology companies he covers.

Biography

Larry Dignan

Larry Dignan is Editor in Chief of ZDNet and SmartPlanet as well as Editorial Director of ZDNet's sister site TechRepublic. He was most recently Executive Editor of News and Blogs at ZDNet. Prior to that he was executive news editor at eWeek and news editor at Baseline. He also served as the East Coast news editor and finance editor at CNET News.com. Larry has covered the technology and financial services industry since 1995, publishing articles in WallStreetWeek.com, Inter@ctive Week, The New York Times, and Financial Planning magazine. He's a graduate of the Columbia School of Journalism and the University of Delaware.

For daily updates, follow Larry on Twitter.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?
Ask a Question Start a Discussion
9
Comments
Add Your Opinion

Join the conversation!

Just In

RE: Beware the Delta Airlines phishing attack
aroc 19th Nov
Odd that I have recently received actual, physical post cards "from Delta" offering "free" tickets, while claiming not to be for real estate type pitches - really? No strings? Pardon my paranoia, but I don't fly anyway due to a hearing problem (pressure changes could finish it off) exacerbated by distrust of airline safety - seats facing forward, shoddy maintenance, cost-cutting pressure - and now TSA molesting/radiation) - think I will pass.
View in thread
0 Votes
+ -
RE: Beware the Delta Airlines phishing attack
swmace 16th Nov
Larry-
Any chance you could update the article with the From address on the scam email? Both display and header address? That's one of the first things I check on a suspicious email
0 Votes
+ -
Darn, deleted mine already
Dr_Zinj 16th Nov
It was a good cast. Header information looked legit. About a half dozen other employees of our company were listed in the To: box, including the CIO. I thought it weird I got it because we're major cash strapped at the moment, causing most travel to be disapproved. So I'm not on any business trips this year. Plus, it indicates one seat, and while I like everyone here well enough, sticking 7 of us in the same seat is just going a bit too far. wink
0 Votes
+ -
RE: Beware the Delta Airlines phishing attack
tom@... 16th Nov
This is a good case for the fact that only newbies and totally ignorant people are going to be the actual targets. It all falls back to one rule: Never click ANYTHIING in any e-mail you receive which you were not expecting and delete quickly if you see an attachment. If you aren't already familiar with them via your own experiences and addresses YOU have entered, they are BOGUS or worse.
re Attachments: If you didn't know one was going to be coming by previous setup agreement, REMEMBER THAT, AND DELETE THE SPAM UNREAD. Before long, even the most rank newbie catches on that they're out to scam him at best, to rob him at worst of anything from his bank or social security account/insurance to outright dangerous people that aren't put off by murder. The FBI web site has some excellent information on the stuff these criminals will try and how they operate. NEVER accept an unknown person or entity as willing to do anything "good" for you! And never provide personal information to such requests; legit web sites will NOT ask for personal info in an e-mail!

HTH,

Twayne`
0 Votes
+ -
RE: Beware the Delta Airlines phishing attack
kanrmatourer 16th Nov
Duh,it's Delta Air Lines,really simple but obviously too complicated for the author of this blurb.
0 Votes
+ -
RE: Beware the Delta Airlines phishing attack
james.vandamme 16th Nov
It was well executed, gotta admit. Had me going for 5 seconds. (Right after that I got a "prize" notification from "Google Corporation", makes you wonder what kind of lowlife runs these scams.)
Another wonder I have is, how can we gang up on jerks like this? Ten million or so of us?
0 Votes
+ -
RE: Beware the Delta Airlines phishing attack
natalie@... 16th Nov
I have a weird-looking sponsored ad appearing on my Facebook page purportedly from Delta Airlines inviting me to look at Black Friday specials from Macy's???
0 Votes
+ -
RE: Beware the Delta Airlines phishing attack
paulhahn3 18th Nov
Why would we have to change our PINs?
0 Votes
+ -
Just wait
vikrant48 18th Nov
Just wait until some black hat cracks Delta's flight information database and is sending out targeted messages like this to real travelers...
0 Votes
+ -
RE: Beware the Delta Airlines phishing attack
aroc 19th Nov
Odd that I have recently received actual, physical post cards "from Delta" offering "free" tickets, while claiming not to be for real estate type pitches - really? No strings? Pardon my paranoia, but I don't fly anyway due to a hearing problem (pressure changes could finish it off) exacerbated by distrust of airline safety - seats facing forward, shoddy maintenance, cost-cutting pressure - and now TSA molesting/radiation) - think I will pass.

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix