Skip to content

Airline mayhem could increase online attacks, says cyber detective

As you await travel updates, be wary of malicious emails that could contain real-looking itineraries and reservations that could, in reality, expose your devices to cybercriminals.
canada-travel-coronavirus-pandemic-november-2021-travel-advisory
Make cyberhygiene part of your travel plans and be leery of suspicious emails about reservations and itineraries.

As the world begins to open up and people start to travel again, a Vancouver cyber detective is warning travellers to be wary of cybercrooks who could ruin their holidays.

Targeting what people want and may be fooled by is part of the cybercrook’s method of operations, said Vancouver-based Derek Manky, FortiGuard’s chief security strategist and vice-president for global threat intelligence.

Be mindful of emails containing files about itineraries and reservations, Manky warned. Make sure they’re legitimate. Don't immediately click on them because you’re anxious to get a travel update.

“Flight delays will amplify cybercrime,” he said. “This whole crazy landscape the travel industry is in will just amplify this.”

Manky said such criminal activity is all part of the social engineering aspect of what cybercrooks do. They look for situations where people might be desperate for information and work to exploit fear and concern in their favour.

It happened as people sought pandemic health information, looked for vaccines and it’s happening now as people start travelling again only to find airline mayhem, Manky said.

What people are looking for now are their itineraries and airline alerts. Well, cybercrooks know this and they want to exploit it, he told Glacier Media.

As part of a massive phishing attack, you could receive an email that looks like it has an itinerary or an alert attached.

Don’t open it, Manky said.

“Where it’s topical and something personal to them, especially when planning a trip or booking a hotel, they open it,” he said of people receiving such emails.

If you open it, you could get hit with what’s known as a RAT or remote access Trojan. RATs infect machines and provide crooks with remote desktop access.

“It’s game over,” Manky said, explaining people should be looking for files with ‘exe’ in them or perhaps ‘zip’ files which contain other files.

Of course, many reservations and itineraries come via PDF files. Manky said those too can be weaponized but such activity is less common.

What can be an issue there, he said, is links inside a PDF. Mouse over any such links and have a look at the address in the URL bar in your screen.

If it looks odd, don’t click it.

[email protected]

twitter.com/jhainswo