Scam alert: New phishing scheme promises free airline tickets

|
Delta Air Lines web site - Phishing scam promises free airline tickets
Image Credit: Dreamstime
Team Clark is adamant that we will never write content influenced by or paid for by an advertiser. To support our work, we do make money from some links to companies and deals on our site. Learn more about our guarantee here.
Advertisement

If you receive an email saying that you’ve won free airline tickets, don’t fall for it. It’s likely an elaborate scam.

A new email phishing scheme is causing people to click on a link that promises free airfare, according to security researchers.

The email looks just like it comes from Delta Air Lines or some other major carrier, but it’s a farce. The scam was recently chronicled by experts at cybersecurity site FarsightSecurity.com. “The suspected phishing websites purport to be those of commercial airline carriers offering free tickets, but, instead, appear to subject the user to a bait-and-switch scam,” the site says in a blog post.

Received an email to get free airline tickets? Phishing scam alert

What makes the scheme so insidious is that the suspected phishing sites look just like reputable airline websites. The scam employs what is known as IDN (Internationalized Domain Name) homographs, or website lookalikes that may fool the unsuspecting eye.

The fraudulent sites even include a Facebook “Like” section, which gives the appearance that scores of users have engaged with the brand on social media.

Here’s how the scam works, according to Farsight Security:

“The suspected phishing websites present the user with the promise of free airline tickets if they answer four innocuous questions (the responses don’t seem to matter). Once the user answers the questions, he is instructed to share the “offer” with 15 WhatsApp contacts before being redirected to another URL where presumably the user is prompted to enter credit card details.”

As you can see, the evil plot is designed for you to entrap your friends, family members and others in your app contact list.

If you run across this email phishing scam, the first thing you should do is delete the email, then empty it from the deleted items folder. That way, if you’re ever in your deleted items folder, you won’t accidentally click the link.

Free airline tickets phishing scam: 4 ways to protect yourself

When it comes to this particular phishing scam, here’s how to stay safe:

  • Know which airlines are involved: So far, the criminals are using websites that mimic the following carriers: Delta, EasyJet and RyanAir.
  • Read your email as plain text: If you have access to a PC, switch your email to plain text. There you can see real URLs of websites contained in the email.
  • Don’t click on any links or respond:  Clicking on anything inside the email could cause you to download malware or some other vicious program that could potentially ruin your device.
  • Look for typos: One way to tell if you’ve gotten a legitimate communication is to search for grammatical errors in the text. Misspellings, grammar faux pas and nonsensical sentences are a big red flag.

Here are more Clark.com stories you may enjoy:

Advertisement
Craig Johnson is a conscious money-saver who still reads paperback books and listens to vinyl. He likes to write about how technology is making things easier and more affordable — but also sometimes more dangerous — for the modern consumer. You can reach Craig at [email protected]
View More Articles
  • Show Comments Hide Comments