12345

4/09/2012

[Caution] Detected malicious files disguised as online hotel reservation

1. Introduction

INCA Internet Emergency Response team detected those malicious files which are disguised as a reservation confirmation mail from Booking.com.
This kind of spreading technique, one of social engineering technique, is disguising and inducing user to see its attachment.
To who frequently using online reservation service, check our post and need to be careful from infected by malicious files.



Malicious file spreading techniques via e-mail are used by both APT(Advanced persistent threat) and just spreading malicious files to unspecific users.

2. Spreading malicious files

Booking.com is one of famous online hotel reservation sites. Established in 1996, Booking.com is the world's leading online hotel reservations agency by room nights sold, attracting over 30 million unique visitors each month via the Internet from both leisure and business markets worldwide.



This e-mail is disguised as sent from booking.com including its title and mail contents.
It also contains its attachment "Reservation-Details-From-Booking-Com_03291295155.zip".



In this attachment, it contains malicious file as EXE file type.



3. Summary

Malicious file spreading technique is classical but it still has been used for spreading malicious files especially on APT technique.

Therefore, users need to be careful on downloading attachment on e-mail, especially in case of attachment file contains executable files(EXE, SCR, COM). To use PC safely from security threats of these malicious attachments, we recommend you download latest security updates and obey following "Security management tips" for general users.

Security management tips

1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Do not see and download attached file from suspicious e-mail.
4. Keep caution to link from instant messenger and SNS.

INCA Internet (Security Response Center / Emergency Response Team) runs responding system against various security threats.

9 comments:

  1. I came across your blog and wanna say that you can find a good persuasive essay topics here. That is so easy to check!

    ReplyDelete
  2. This comment has been removed by the author.

    ReplyDelete
  3. Thanks for sharing.I found a lot of interesting information here. A really good post, very thankful and hopeful that you will write many more posts like this one.
    https://viamichelin.onl/
    https://putlocker.ooo/
    https://googleearth.onl/

    ReplyDelete
  4. the information posted in this article is very actual and yo give quite resonable recommendations. However I would recommend to visit https://bestwritingservice.com/ they always provide valuable information on any topic

    ReplyDelete
  5. Read this post with pleasure. The articles like this give us step by step recommendations of how to avoid using malicious files. As far as I work as a writer, I recommend you to visit this website so that to know more about how to write a concluding paragraph. It offers essay writing assistance on any topic you need.

    ReplyDelete
  6. I can only express a word of thanks. Because with the content on this blog I can add knowledge I, thank has been sharing this information. Do not forget to visit our website to share information hotele

    ReplyDelete
  7. Inexpensive ironing providers, laundry providers and common domestic cleansing services means that you could employee someone to assist you with your home work and never have to spend your money. Around 9 to 11 pounds each hour is normal along with a small price to cover the additional time it will release for a person. However, prices associated with different services might be higher along with different cleansing firms with respect to the professionalism from the employees. Avoid a business offering a smaller amount than this particular amount since the maids might not be properly educated. deep cleaning dubai

    ReplyDelete
  8. Our keep going report on the Necurs botnet malware secured its utilization of a web alternate route or . cleaning companies in uae URL record to stay away from location, however its creators appear to refresh it once more.

    ReplyDelete