Beware of Your Holiday Travel E-Ticket Confirmation

How does Symantec know it's the week of Thanksgiving? Because as the busiest travel day of the year day quickly approaches, the day just before Thanksgiving , there is a surge in fake email ticket confirmations that lead to viruses.

Here is what a fake airline message looks like:

If you inspect the HTML coding for this message carefully, you will notice a malicious link in the anchor tag:

This link redirects to a known malware-hosting site in Russia which previously hosted Trojan.Maljava. Trojan.Maljava is a detection name used by Symantec to identify malicious Java files that exploit one or more vulnerabilities, one of many threats awaiting an unsuspecting user.

So before you click through emails during the holiday rush, here are some best practices to protect yourself from these types of malicious email attacks:

  • Be selective about websites you give your email address to.
  • Before entering personal or financial details online, ensure the website has SSL encryption (look for things like HTTPS, a padlock, or a green address bar).
  • Avoid clicking on suspicious links in email or instant messages as these may be links to spoofed websites. We suggest typing Web addresses directly into the browser rather than relying upon links within your messages.
  • Do not open spam messages.
  • Do not reply to spam. Typically the sender’s email address is forged, and replying may only result in more spam.
  • Do not open unknown email attachments. These attachments could compromise your computer.
  • Always be sure that your operating system is up-to-date with the latest updates and use a comprehensive security suite. For details on Symantec’s offerings, visit