Physical Address
Indirizzo: Via Mario Greco 60, Buttigliera Alta, 10090, Torino, Italy
Cyberhackers are now impersonating major airlines
Cybercrime
Kaspersky experts have identified a notable increase in fraudulent email submissions. In one of the observed campaigns, cybercriminals impersonate major airlines and airports, such as Amsterdam Schiphol, Lufthansa, Emirates Airlines, Qatar Airways or Etihad Airways, in order to trick companies into contacting supposed suppliers or partners. This strategy ultimately aims to divert funds from targeted organizations. Since the beginning of September, Kaspersky solutions have detected and blocked thousands of fraudulent emails of this type around the world, and the volume of this category of scams has increased compared to previous months.
Example of a fraudulent email sent by a cyber attacker
These fraudulent emails, allegedly from the purchasing departments of major airlines, propose new projects and seek suppliers. Once the target is phished, attackers send a series of fake documents, such as vendor registration forms and confidentiality agreements, to boost their credibility. Targeted organizations are also invited to pay a “mandatory, refundable expression of interest deposit” of several thousand US dollars, a mandatory deposit presented as having the aim of “securing a priority slot in the partnership calendar”, and supposed to be reimbursed once the “partnership” is established.
“Scammers faithfully reproduce official commercial communications. By impersonating world-famous airlines, they exploit both the trust associated with these brands and the commercial ambitions of their targets. Since the documents exchanged in these scams do not contain malicious code, but are simply falsified, they can easily bypass basic security controls and appear credible to an unsuspecting user,” explains Anna Lazaricheva, Senior Spam Analyst at Kaspersky.n