It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Talk about conspiring against everyday people...
page: 1share:
I last flew an airline in 1979...never will step foot on them ever again...seems some people have the wrong idea about me...just received this
e-mail...
American Airlines
Order#23088926
December 4, 2011 1:40 PM
Notification,
FLIGHT NUMBER AA983
ELECTRONIC 195642910
DATE & TIME / DECEMBER 12, 2011, 11:53 PM
ARRIVING / NEW YORK JFK
TOTAL PRICE / 283.30 USD
Your bought ticket is attached to the letter as a scan document.
To use your ticket you should print it.
Thank you for using our airline company services.
American Airlines.
The ticket is in a .zip file...
Anyway, I think the .zip file is a virus...will not open it...
Flight AA983 does exist, but it seems it travels from Miami to Guatemala to Minneapolis to Atlanta...
info.flightmapper.net...
This is conspiratorial on the part of persons wanting to take advantage of other people...Seems this is the type of stuff some people on the Internet like to do best...
American Airlines
Order#23088926
December 4, 2011 1:40 PM
Notification,
FLIGHT NUMBER AA983
ELECTRONIC 195642910
DATE & TIME / DECEMBER 12, 2011, 11:53 PM
ARRIVING / NEW YORK JFK
TOTAL PRICE / 283.30 USD
Your bought ticket is attached to the letter as a scan document.
To use your ticket you should print it.
Thank you for using our airline company services.
American Airlines.
The ticket is in a .zip file...
Anyway, I think the .zip file is a virus...will not open it...
Flight AA983 does exist, but it seems it travels from Miami to Guatemala to Minneapolis to Atlanta...
info.flightmapper.net...
This is conspiratorial on the part of persons wanting to take advantage of other people...Seems this is the type of stuff some people on the Internet like to do best...
edit on 12/4/2011 by jeichelberg because: adding link
Based on my work in the shady underworld of online marketing back in the day (no, I am not being cynical, nor am I proud of this knowledge) I do not
believe you can get a virus from just a .zip file.
You can bind a virus to ANY .exe file, and there are work around to launch to launch malicious .exes by opening files (with any extension, not just .exe) in the same folder as a malicious file.
BUT, you can't get a virus from just opening a single naked .zip file alone.
If you unzip the .zip file and there is any .exe's in the folder, I would beware. Otherwise that should be safe.
And if for some reason it did have a virus, then I would doubt that email was actually an official email from the airline, as it is possible to send emails with a fake sender name.
Hope this helps.
Edit- If you got that email and you didn't buy plane tickets, it most certainly is spam and I would not open it. I would doubt it was actually sent from the airlines btw. They wouldn't send malicious files under their own name, that would be dumb of them.
You can bind a virus to ANY .exe file, and there are work around to launch to launch malicious .exes by opening files (with any extension, not just .exe) in the same folder as a malicious file.
BUT, you can't get a virus from just opening a single naked .zip file alone.
If you unzip the .zip file and there is any .exe's in the folder, I would beware. Otherwise that should be safe.
And if for some reason it did have a virus, then I would doubt that email was actually an official email from the airline, as it is possible to send emails with a fake sender name.
Hope this helps.
Edit- If you got that email and you didn't buy plane tickets, it most certainly is spam and I would not open it. I would doubt it was actually sent from the airlines btw. They wouldn't send malicious files under their own name, that would be dumb of them.
edit on 4-12-2011 by CREAM because:
(no reason given)
edit on 4-12-2011 by CREAM because: (no reason given)
reply to post by jeichelberg
Virus cannot infect zip files like the previous poster mentioned. If you have a virusscanner insalled, any infected file would be blocked from operating. I think that zip file contains a pdf file with your boarding ticket. You can also usually get them printed at the airport too if you don't trust it, but it will take a little more time. Do you think an airline company will risk its business or passengers by having a virus on their systems? If so, I would advise you not to fly as all the on-board flight control systems may also be infected.
In other words, what you have is called an e-ticket or electronic ticket. No need to be afraid.
Virus cannot infect zip files like the previous poster mentioned. If you have a virusscanner insalled, any infected file would be blocked from operating. I think that zip file contains a pdf file with your boarding ticket. You can also usually get them printed at the airport too if you don't trust it, but it will take a little more time. Do you think an airline company will risk its business or passengers by having a virus on their systems? If so, I would advise you not to fly as all the on-board flight control systems may also be infected.
In other words, what you have is called an e-ticket or electronic ticket. No need to be afraid.
dude... thats a virus... i been getting zip files from craft foods all week.
If you didn't buy a plane tick don't open it, but if you just bought a plane ticket and that is what you got, I would not be worried.
reply to post by LightSpeedDriver
The whole thing is...I do not FLY and did not order the ticket...plus the flight does not go to NY...Please read the OP carefully, thank you...
The whole thing is...I do not FLY and did not order the ticket...plus the flight does not go to NY...Please read the OP carefully, thank you...
reply to post by jeichelberg
A task is not the same as executing a program. While pdf's can carry a "evil" payload and execute code, they should have closed that security whole by now.
A zip file does not get executed, merely opened and possibly its contents extracted.
A task is not the same as executing a program. While pdf's can carry a "evil" payload and execute code, they should have closed that security whole by now.
A zip file does not get executed, merely opened and possibly its contents extracted.
reply to post by jeichelberg
In my haste to offer what little computer assistance I can, I missed that small but pertinent fact. Delete email. Done.
ETA Its good you don't fly now. The last time I did, I had a man insert both index fingers underneath the hem of my underpants at the front, and then slowly drew his fingers around my waist on both sides, circumscribing my waist. Most unpleasant and a little too intimate for words without warning. Standing in line too, along with everyone else. I could have exploded in rage but didn't as I needed to be where I was going. Next time I will not fly either. Its screwed beyond belief now.
In my haste to offer what little computer assistance I can, I missed that small but pertinent fact. Delete email. Done.
ETA Its good you don't fly now. The last time I did, I had a man insert both index fingers underneath the hem of my underpants at the front, and then slowly drew his fingers around my waist on both sides, circumscribing my waist. Most unpleasant and a little too intimate for words without warning. Standing in line too, along with everyone else. I could have exploded in rage but didn't as I needed to be where I was going. Next time I will not fly either. Its screwed beyond belief now.
edit on 4/12/11 by LightSpeedDriver because: ETA
UPDATE: I sent the suspect e-mail to American Airlines...this is the reply I received (at least they have scruples and demonstrate concern over this
type of activity):
Dear Mr.xxxx,
Thank you for contacting us about a suspected fraudulent email you
received claiming to be from American Airlines.
This is spam email. Please DO NOT click on any of the web address
links, open any attachments, call phone numbers listed, or follow any
instructions in the fraudulent email. Instead, delete all email and
attachments.
If the email is asking you to perform security-related changes to your
account or attempting to collect your user name, password, email address
or other personal information, you have received a fraudulent email.
American Airlines will never send executable files as attachments, nor
ask our customers for this type of personal information in email
communications.
We deeply regret this inconvenience to you as an American Airlines
customer. Your privacy and security is extremely important to us. For
further information on how to protect yourself from fraudulent email,
please visit:
www.aa.com/phishing
Sincerely,
XXXXXX XXXXXXX
AA.com Web Services
American Airlines
Dear Mr.xxxx,
Thank you for contacting us about a suspected fraudulent email you
received claiming to be from American Airlines.
This is spam email. Please DO NOT click on any of the web address
links, open any attachments, call phone numbers listed, or follow any
instructions in the fraudulent email. Instead, delete all email and
attachments.
If the email is asking you to perform security-related changes to your
account or attempting to collect your user name, password, email address
or other personal information, you have received a fraudulent email.
American Airlines will never send executable files as attachments, nor
ask our customers for this type of personal information in email
communications.
We deeply regret this inconvenience to you as an American Airlines
customer. Your privacy and security is extremely important to us. For
further information on how to protect yourself from fraudulent email,
please visit:
www.aa.com/phishing
Sincerely,
XXXXXX XXXXXXX
AA.com Web Services
American Airlines
Originally posted by LightSpeedDriver
reply to post by jeichelberg
A task is not the same as executing a program. While pdf's can carry a "evil" payload and execute code, they should have closed that security whole by now.
A zip file does not get executed, merely opened and possibly its contents extracted.
You again ,) Sorry to point this out, but exactly how do we know he has an updated PDF viewer? Presuming Adobe, while they may have fixed the issue, it does not mean everyone has updated their version of Reader. And then we have to consider zero day exploits (like the one Stuxnet used), where simply parsing the icon for a file not running it caused the exploit or the newest Duko which uses a kernel font exploit in a doc file.
If the person in question did not purchase the ticket there is little reason to open the file and risk infection (I say this not knowing the state of the target machine in question, but more times that not they are not fully patched).
To the OP if you want to arrange to email me a copy, I can get it analyzed, it smells of a spearfishing attack.
edit on 4-12-2011 by Zaphod because: Typo; added clarification
Originally posted by CREAMIf you unzip the .zip file and there is any .exe's in the folder, I would beware. Otherwise that should be safe.
This is really bad advice and I'd respectfully ask you not give it to others. There are attacks where simply rendering the icons in explorer for the files in question can result in an infection (depending on the patch state of the machine). This is one vector Stuxnet used to infect.
reply to post by Zaphod
reply to post by Zaphod
Like I already mentioned, in my haste I didn't see the fact he had not ordered a ticket As for Adobe software in general, why sure, it sucks major kahunas as they are focused on one thing and one thing only, money. Running Linux the only piece of their software I run is their flashplayer and even that they can't write properly. I think some of the free adobe readers have guarded against the exploit but you can never be 100% sure. They did post a "workaround" till they got it fixed but it was a while ago I read about the dangerous payload exploit. Adobe does include an auto check/update feature on a lot of their windows software. Buyer beware, I guess
As for Stuxnet, that is a SCADA worm/virus I believe. Not much good for home users. Blame Microsoft for their executable doc(x) word format with its macros and attachments. It always has sucked. Thats why virus scanners were invented though, to take up the slack of leaky software. A lame measure at best but if you use windows, it must be done.
PS Who me? I just feel chatty today!
reply to post by Zaphod
Like I already mentioned, in my haste I didn't see the fact he had not ordered a ticket As for Adobe software in general, why sure, it sucks major kahunas as they are focused on one thing and one thing only, money. Running Linux the only piece of their software I run is their flashplayer and even that they can't write properly. I think some of the free adobe readers have guarded against the exploit but you can never be 100% sure. They did post a "workaround" till they got it fixed but it was a while ago I read about the dangerous payload exploit. Adobe does include an auto check/update feature on a lot of their windows software. Buyer beware, I guess
As for Stuxnet, that is a SCADA worm/virus I believe. Not much good for home users. Blame Microsoft for their executable doc(x) word format with its macros and attachments. It always has sucked. Thats why virus scanners were invented though, to take up the slack of leaky software. A lame measure at best but if you use windows, it must be done.
PS Who me? I just feel chatty today!
Originally posted by LightSpeedDriver
As for Stuxnet, that is a SCADA worm/virus I believe. Not much good for home users.
The point wasn't so much it might get Stuxnet as Stuxnet exposed the zero day vulnerability around the ico handler and other attacks will use it, so simply unzipping files into a folder and letting explorer render them can lead to an infection if the machine is not patched.
reply to post by jeichelberg
I think the bigger picture point may be, and pardon me if I am depersonalizing your experience, jech, and forgive me if I am wrong, all others reading, that anyone with a computer can make it appear as if someone was somewhere and doing something they never actually were....
I think the bigger picture point may be, and pardon me if I am depersonalizing your experience, jech, and forgive me if I am wrong, all others reading, that anyone with a computer can make it appear as if someone was somewhere and doing something they never actually were....
reply to post by Zaphod
While I appreciate the offer and the information, I would not want to be responsible for furthering a scam or phishing exploit...I have already deleted the unwanted e-mail in question...
While I appreciate the offer and the information, I would not want to be responsible for furthering a scam or phishing exploit...I have already deleted the unwanted e-mail in question...
Originally posted by jeichelberg
reply to post by Zaphod
While I appreciate the offer and the information, I would not want to be responsible for furthering a scam or phishing exploit...I have already deleted the unwanted e-mail in question...
That is a shame, samples should always be forwarded to the AV firms so they can take a peek. Oh well, I'd say next time but I hope you don't have to deal with something like this again.
reply to post by jeichelberg
You have not flown since 1979, and yet received an e-ticket or receipt of one. I should think it was obvious. Whatever spamming or endeavor to lead you to open a virus bearing email may result in, perhaps there may be larger implications afoot?
Or not. Just my HO
You have not flown since 1979, and yet received an e-ticket or receipt of one. I should think it was obvious. Whatever spamming or endeavor to lead you to open a virus bearing email may result in, perhaps there may be larger implications afoot?
Or not. Just my HO
new topics
-
Las Vegas UFO Spotting Teen Traumatized by Demon Creature in Backyard
Aliens and UFOs: 51 minutes ago -
2024 Pigeon Forge Rod Run - On the Strip (Video made for you)
Automotive Discussion: 1 hours ago -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues: 2 hours ago -
The functionality of boldening and italics is clunky and no post char limit warning?
ATS Freshman's Forum: 3 hours ago -
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News: 3 hours ago -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 4 hours ago -
Weinstein's conviction overturned
Mainstream News: 5 hours ago -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics: 6 hours ago -
Krystalnacht on today's most elite Universities?
Social Issues and Civil Unrest: 7 hours ago -
Chris Christie Wishes Death Upon Trump and Ramaswamy
Politicians & People: 7 hours ago
top topics
-
Krystalnacht on today's most elite Universities?
Social Issues and Civil Unrest: 7 hours ago, 8 flags -
Weinstein's conviction overturned
Mainstream News: 5 hours ago, 6 flags -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media: 9 hours ago, 6 flags -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics: 6 hours ago, 5 flags -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 4 hours ago, 4 flags -
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News: 3 hours ago, 4 flags -
Chris Christie Wishes Death Upon Trump and Ramaswamy
Politicians & People: 7 hours ago, 2 flags -
Any one suspicious of fever promotions events, major investor Goldman Sachs card only.
The Gray Area: 11 hours ago, 2 flags -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues: 2 hours ago, 2 flags -
2024 Pigeon Forge Rod Run - On the Strip (Video made for you)
Automotive Discussion: 1 hours ago, 1 flags
active topics
-
Candidate TRUMP Now Has Crazy Judge JUAN MERCHAN After Him - The Stormy Daniels Hush-Money Case.
Political Conspiracies • 787 • : WeMustCare -
2024 Pigeon Forge Rod Run - On the Strip (Video made for you)
Automotive Discussion • 5 • : modusponus2 -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media • 191 • : WeMustCare -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics • 63 • : Annee -
Las Vegas UFO Spotting Teen Traumatized by Demon Creature in Backyard
Aliens and UFOs • 5 • : FlyersFan -
Thousands Of Young Ukrainian Men Trying To Flee The Country To Avoid Conscription And The War
Other Current Events • 139 • : Consvoli -
Is there a hole at the North Pole?
ATS Skunk Works • 39 • : Athetos -
The functionality of boldening and italics is clunky and no post char limit warning?
ATS Freshman's Forum • 11 • : JonnyC555 -
Nearly 70% Of Americans Want Talks To End War In Ukraine
Political Issues • 89 • : Xtrozero -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues • 19 • : Consvoli