Fake Expedia Itinerary Confirmations Deliver Malware

Hoax-Slayer is warning of malicious spam campaign of e-mails claiming to be itinerary confirmations from Expedia, offering trip details in an attachment (h/t Softpedia).

“Thanks for booking with Expedia! Below is a summary of the trip you recently booked,” the e-mail states. “To help ensure everything runs as smoothly as possible, keep this e-mail handy so you can refer to it when you check in as it contains all the essential information you’ll need.”

The attached ZIP file, according to Hoax-Slayer, contains an .exe file disguised as a PDF. The .exe file installs malware capable of stealing sensitive information from the infected computer and sending it to a remote server.

“If your receive any unsolicited and unexpected email claiming to contain travel booking information, do not open any attachments or click on any links that it contains,” Hoax-Slayer advises.

Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Top Cybersecurity Companies

Related articles