Malicious email attachments disguised as airline ticket receipts are being spammed across the internet as part of a new attack. The assault is the latest in a series of booby-trapped email attachments, which have seemingly become fashionable among VXers again, after many months of playing second-fiddle to website attacks.

The mendacious "ticket receipt" messages have a .zip file attached to them which, if opened on an unprotected Windows PC, results in infection by a Trojan horse, dubbed Invo-Zip by anti-virus firm Sophos. The body text of the poison pill email claims to contain a receipt for travel tickets supposedly costing hundreds of dollars and booked through one of a number of well-known airlines.

The ploy is similar to contract malware scams detected by Sophos last week, which featured malicious .zip attachments disguised as changes to a contract. Some of these booby-trapped emails posed as messages from well-known firms like Starbucks, Apple and Google, while others claimed to be retirement plans.

Websense warned of a separate attack earlier this week, in which supposed holiday coupon emails from well-known brands were actually spoofed messages loaded with a contaminated .zip file containing Trojan horse malware. ®

Related stories

• Symbian Trojan strikes Indonesian operator (22 January 2009)
• Airline ticket receipt scam spreads malware (21 January 2009)
• Hackers ahead of the game despite McColo shutdown (9 December 2008)
• Updated Malware authors play Mario on Daily Mail website (2 December 2008)
• US Army bans USB devices to contain worm (20 November 2008)
• Drive-by download attack mows down thousands of websites (10 November 2008)
• Virus-infected email hits rock bottom (2 October 2006)
• Killjoy Trojan deletes warez and smut (17 May 2006)
• Comment Innovative ways to fool people (5 May 2006)
• Trojan poses as naked XXX pics (25 November 2003)