Travelers Targeted with Fake Reservation Links
Are you planning on traveling any time soon? Travelers planning trips are now at risk as the travel and hospitality industries are the newest victims of the threat group identified as TA558. TA558 first started scams like this in 2018, but then took a temporary lull in the attempts, believed due to the travel restrictions with COVID-19. Now, they are back at it and taking advantage of the increase of airline and hotel bookings.
TA558 are sending fake reservation emails that contain malicious links that, if clicked, can spread malware across your systems. The use of RAR and ISO file attachments linked to the messages is what makes this campaign so different. The use of URLs has also increased, which leads to container files, like ISOs or zip (RAR). In order to be affected, the victim would have to decompress the file archive, unknowingly.
We all need to relax and recharge from time to time, so avoiding taking vacations is not a true solution. There are ways you can stay safe while still taking that much needed time away.
Ways to stay safe from scams while planning a trip:
- Check the email sender’s details carefully
- Check for any misspellings in the email
- Hover over a link before clicking it
- Reach out directly to the airline or hotel to ensure that email you received is real
Categorised in: IT Threat