Fake Expedia Itinerary Confirmations Deliver Malware


Hoax-Slayer is warning of malicious spam campaign of e-mails claiming to be itinerary confirmations from Expedia, offering trip details in an attachment (h/t Softpedia).

"Thanks for booking with Expedia! Below is a summary of the trip you recently booked," the e-mail states. "To help ensure everything runs as smoothly as possible, keep this e-mail handy so you can refer to it when you check in as it contains all the essential information you'll need."

The attached ZIP file, according to Hoax-Slayer, contains an .exe file disguised as a PDF. The .exe file installs malware capable of stealing sensitive information from the infected computer and sending it to a remote server.

"If your receive any unsolicited and unexpected email claiming to contain travel booking information, do not open any attachments or click on any links that it contains," Hoax-Slayer advises.