Spam

Spam – Sheesh, Are They Kidding?

I get spam every now and then.  I used to get a lot but we have a really good spam filter (Barracuda, by the way).  But I’ve been receiving spam since I signed up for email back in the early 90’s.  I’m so familiar with the social engineering tricks that the “spammers” use that I can smell a spam message the instant I view it (many times I only have to see the title).  They’re pretty clever, but not real clever.

This spam message I just had to blog about.  Why?  Because it cracked me up.  OK, here’s a screenshot of the email:

 

Oh yeah, they had me fooled up until I realized that I didn’t book a flight (sure they did).  I started to crack up, since the dominant airline in my area is Delta, and I haven’t flown since last Fall and I have not plans to fly any time soon.  Anyway, I was curious, how this was setup, so what I normally do is hover my cursor over the “download it” link.  That’s obviously, where they’re going to execute a Trojan horse and make my life miserable (so I’m not going to click on it).  Here’s what I got:

 
So the address goes to gentedecente.com.br.  Which is a Brazilian domain name.  The “.com” part in the middle is clever, to kind of distract the eye from noticing that it’s NOT a dot com address.  So I decided to check if anybody else is receiving this particular spam and I typed “airline ticket email spam” into Google and it looks like it’s so common that there are different variations and American Airlines is already aware of the problem.  AA has a webpage describing the scams and that you need to be cautious.
 


One other thing I did to see why this got past the spam filter, is check the return address.  It was from ticketlesstravel.com.  Which happens to go to a web hosting company, but no site.  That’s a dead-giveaway.  They could have at least bought a fake site or linked it back to a real site.  Maybe, I shouldn’t give pointers here…