Everyone knows about a travel/hotel review website, which is called TripAdvisor. Though it has been really helpful for those who look for a good deal on a hotel room or flight, it seems that spammers have ‘improved’ this website with some bug. After stealing personal email addresses of TripAdvisor’s customers, they have been using them to spread their spam, which looks like a booking confirmation and has a malicious attachment included. Note that clicking on a link results in Gamarue malware, which can be additionally used to steal user’s personal information, such as passwords, banking data or login information, from the system.
According to security researchers who work for Trend Micro, Indian users should be especially careful because, mainly, Internet criminals have been discovered to spread their spam mails in this area. That shouldn’t sound surprising because TripAdvisor is among India’s top five travel brands and receives 2.4 million users per month, says thehackernews.com. However, Gamarue malware has already been attacking German users. It has been reported by the same TrendMicro that scammers have been spreading it as a confirmation letter for the Brenners Park-Hotel and Spa in Austria.
All this research has started when one of Trend Micro’s managers received an email asking to confirm his hotel’s reservation. However, he hasn’t had any wonder about this hotel and its existence in India.
As online travel and hotel market is growing rapidly, scammers find it attractive for their virus distribution and other malicious activities. Please, be aware about such emails and avoid clicking on the attachments that are usually included into them. If you have been tricked by such letter, run a full system scan with anti-malware software.