Fake KLM e-tickets lead to malware

New WAF attack timelines show the start and end of a threat.
No more logs. See how →

If you have recently booked a flight with KLM, please be careful when reviewing emails that appear to have been sent from the airline carrier, as rather legitimate-looking fake KLM emails are currently doing rounds:

This email tries to make the recipients download and open the attached file that purportedly contains the e-ticket, but is actually a piece of malware that – according to the AV solutions that detect it – is either ransomware or a backdoor Trojan.

Either way, the file is bad news – especially for those Windows users that still don’t have an active AV solution on their machines.

Fake e-tickets from popular airlines are one of malware peddlers’ preferred methods of tricking people into downloading malicious attachments, so you should always carefully assess the legitimacy of such emails.

Are you protecting your users and sensitive O365 data from being leaked? Learn how Specops Authentication for O365 can help.