Probably many others have seen the accompanying piece of spam. I hope no one’s clicked on the attachment taht came with it, though. I didn’t open the attachment so I don’t know for sure, but I bet that it contains a trojan or other nefarious program.
Thank you for using our new service “Buy airplane ticket Online” on our website.
Your account has been created:
Your login: firstname.lastname@example.org
Your password: G6vFjbdp
Your credit card has been charged for $998.63.
We would like to remind you that whenever you order tickets on our website you get a discount of 10%!
Attached to this message is the purchase Invoice and the airplane ticket.
To use your ticket, simply print it on a color printed, and you are set to take off for the journey!
Delta Air Lines
I’m posting the text here so that I can comment on how seductive the social engineering efforts of the spammers have become. Of course, I know that I didn’t establish an account such as this, and I would find it questionable if any reputable site where I might have established an account would send the full log-in credentials through the electronosphere. Of course, the syntactic problems in the content are also a give away about the genuineness of the message.
I suspect that someone will see the $$ figure and say, “Wait a minute? What is this? I didn’t order any $1000 ticket!” Then the person might well open the attachment….
The message apparently originated from a computer connecting to the Internet at 22.214.171.124, an address that is associated with a company named “Xpeed” or “LG Powercomm” with an address of 537-18, Bangbaedong, Seochogu, Seoul (KR). Perhaps the owner of the computer at that address does not know that the machine is compromised and is being used by someone else at another address to send such missives. In fact, maybe if I’d have opened the attachment, I would have allowed my machine to join forces with other computers in the legions of bots used to spread the joy.