An “IATA Fraud Alert” email will compromise your computer

  • A company with a return email [email protected] is sending virus emails with the purpose to destroy travel agents computer systems.
  • The email is designed to mislead recipients to open a malicious attachment protected with a so called pass-code.
  • IATA did not respond.

A phishing email was sent by a criminal enterprise to US travel agents affiliated with IATA,

It appears this email originates from IATA, the International Air Transport Association.

The email is asking receivers to open a malicious attachment and use a password provided to do so. Once a receiver includes this password, the attachment will pollute computers with a malicious script.

The malicious email from iato.org (not iata.org) reads:

Dear Agent,

It has come to IATA’s attention that there is an ongoing fraud of hackers accessing Agents booking systems and issuing air tickets. The attacks are highly sophisticated, leading not only to huge financial loss to Agents but also breaches to the Agent’s systems.

To protect yourself from these numerous attacks, we strongly recommend the attached security measures.

For security reasons, use this code to open the attachment: 123

Best Regards,

IATA Customer Service

Anyone receiving such an email should delete it and clean the trash.


Print Friendly, PDF & Email