Kaspersky Lab Detects Travel-Related Fraudulent Messages

Share This Post

In June,Kaspersky Lab registered an increase in fraudulent messages sent to mimic travel booking services and notifications from Electronic Arts, all to gain access to consumer personal account information. The fake notifications imitate hotel booking confirmations or air tickets and usually contain Trojan spyware masked as bills for reservations. Phishers also used fake notifications from the U.S. video game maker Electronic Arts in an attempt to access users’ personal accounts in the company’s online store Origin.

As a rule, fraudulent messages imitating correspondence from booking services contained the Ursnif Trojan that steals confidential data and sends it to a remote server. It can listen to network traffic, download and run other malicious programs, as well as disable some system applications such as the firewall. The phishers who tried to access the personal accounts for Electronic Art’s Origin online store sent out an email saying the online store was enhancing account protection and asked the recipients to confirm they held an account.

In addition, Kaspersky Lab detected the following statistics on spam during the month of June:

  • Percentage of spam in email traffic averaged 64.8 percent, which was five percentage points less than in May.
  • Top three sources of spam around the world in June were the US (13.2%), Russia (7%) and China (5.6%).
  • Germany saw a big surge in the number of antivirus detections, doubling the previous month’s share to 16.4 percent, taking the top spot from the UK. The US remained in second place on 9 percent.

Once again topping the list of malware spread by email was Trojan-Spy.HTML.Fraud.gen. This threat appears as an HTML phishing website and sends email disguised as an important notification from banks, online stores, and software developers. Trojan-Downloader.MSWord.Agent.z was in second place. This malicious program is a *.doc file with embedded macros that downloads and runs other malicious program. In third place was a Trojan downloader from the Bublik family – it’s main functionality is the unauthorized download and installation of new versions of malware onto victim computers.


Email search sites (32.1%) again topped the rating of organizations most frequently attacked, with a slight drop of 0.2 percentage points from the previous month. Second came Social networks (27.7%), with an increase of 3.7 percentage points compared to May. Financial and payment organizations (11.6%) and Online stores (10.6%) declined by 1.2 and 1.5 percentage points respectively. The proportion of attacks targeting Telephone and Internet service providers fell by 0.1 percentage points leaving this category in fifth place in the rating.Nely Bonar Nely Bonar

Subscribe To Our Newsletter

Get Notified About Our Latest Posts - Updates every Monday

No Spam, Your Email will NOT be Shared

More To Explore

Press Releases

Klaviyo & Shopify Announced Strategic Partnership

Klaviyo, recently announced a product partnership with Shopify Inc. Shopify is also making a strategic investment in Klaviyo to build upon the long-term collaboration between

Do You Want To Collaborate?

drop us a line and we will be in touch