"Miles & More" scam e-mail
Mar 3, 2011, 7:32 am
#1
Original Poster
Join Date: Aug 2006
Location: LPI
Programs: SK *B (?)
Posts: 362
"Miles & More" scam e-mail
Interesting, I think this is the first time I've seen an FF program targetted by these kinds of scams. I received this yesterday:
Of course, the link in the HTML e-mail does not actually point to miles-and-more.com, but to a hijacked server in Argentina.
From: "Miles & More"<[email protected]>
Subject: Your booking confirmation
To: undisclosed-recipients:;
X-Spam-Flag: YES
X-Sent: 22 hours, 8 minutes, 26 seconds ago
X-Bogosity: Spam, tests=bogofilter, spamicity=1.000000, version=1.2.2
Thanks for the purchase!
Booking number: LVSN50
Your credit card has been charged for $493.67.
Please print PASSENGER ITINERARY RECEIPT by logging into your Miles account
by clicking the link below:
http://www.miles-and-more.com
On board you will be offered:
– Beverages;
– Food;
– Daily press.
You are guaranteed top-quality services and attention on the part of our benevolent personnel.
We recommend you to print PASSENGER ITINERARY RECEIPT and take it alone to the airport.
It will help you to pass control and registration procedures faster.
See you on board!
Best regards,
Miles & More
Subject: Your booking confirmation
To: undisclosed-recipients:;
X-Spam-Flag: YES
X-Sent: 22 hours, 8 minutes, 26 seconds ago
X-Bogosity: Spam, tests=bogofilter, spamicity=1.000000, version=1.2.2
Thanks for the purchase!
Booking number: LVSN50
Your credit card has been charged for $493.67.
Please print PASSENGER ITINERARY RECEIPT by logging into your Miles account
by clicking the link below:
http://www.miles-and-more.com
On board you will be offered:
– Beverages;
– Food;
– Daily press.
You are guaranteed top-quality services and attention on the part of our benevolent personnel.
We recommend you to print PASSENGER ITINERARY RECEIPT and take it alone to the airport.
It will help you to pass control and registration procedures faster.
See you on board!
Best regards,
Miles & More
Mar 3, 2011, 9:41 pm
#3
Join Date: Aug 2004
Location: OSL/IAH/ZRH (time, not preference)
Programs: UA1K, LH GM, AA EXP->GM
Posts: 38,265
If you log in and don't get the "der Zentralrechner ist zur Zeit nicht erreichbar..." intro, then you know it's something fishy.
Did you give it a try? What are they after? Simply the M&M login? Sounds like yet another looser scam.
Did you give it a try? What are they after? Simply the M&M login? Sounds like yet another looser scam.
Mar 4, 2011, 1:32 am
#4
Original Poster
Join Date: Aug 2006
Location: LPI
Programs: SK *B (?)
Posts: 362
However, according to other reports, like http://news.softpedia.com/news/Fake-...d-177840.shtml it's a drive-by attack. If you click on the link in the scam e-mail and you are running an unpatched Windows system, your computer will be compromised, and you will assimilated into the Zeus botnet: https://secure.wikimedia.org/wikiped...rojan_horse%29
.
Mar 4, 2011, 11:59 pm
#7
Join Date: Aug 2004
Location: OSL/IAH/ZRH (time, not preference)
Programs: UA1K, LH GM, AA EXP->GM
Posts: 38,265
Mar 5, 2011, 2:28 am
#8
Original Poster
Join Date: Aug 2006
Location: LPI
Programs: SK *B (?)
Posts: 362
Mar 5, 2011, 4:44 am
#9
Join Date: Aug 2004
Location: OSL/IAH/ZRH (time, not preference)
Programs: UA1K, LH GM, AA EXP->GM
Posts: 38,265
...