Phishing scam masquerading as Emirates Airlines survey to gain access to users’ devices
May 30, 2017
Emirates Airlines has warned flyers about a new wave of phishing e-mails which are being used by hackers to take control of users' devices.
Hackers are sending out phishing e-mails to convince unsuspecting users to participate in surveys by luring them with free tickets.
A group of hackers is using the Emirates Airlines logo in phishing e-mails sent out to a number of unsuspecting users, asking them to participate in surveys and win free tickets in return. The airline has confirmed that it has not sent out such e-mails and has asked users to stay away from such allurements via social media.
“Emirates has become aware of fraudulent websites purporting to come from the company claiming to offer free airline tickets to those who take an online survey,” said an Emirates spokesperson.
The phishing e-mails in question ask users to click on malicious links to participate in a survey. Once users click on such links, hackers can then gain access to their devices as well as to other sensitive details like credit card information. To lure people, hackers behind the phishing scam are offering two free tickets each to those who participate in the survey.
“Congratulations! You have been selected to take part in our short survey to get two free Emirates tickets. We only have 332 tickets remaining so hurry up,” reads a phishing e-mail. The survey also asks three questions to recipients including whether they have ever traveled with Emirates before.
“We advise anyone not to click on any links or share these links on social media. Emirates is investigating the source of the scam and will take appropriate legal action against the perpetrators,” the Emirates spokesperson added.
Phishing e-mails and social engineering have emerged as the top choices for hackers of late to achieve their objectives. In recent years, phishing scams have not only resulted in identity theft but have also resulted in huge losses for those in financial, health and education sectors.
Earlier this month, hundreds of Gmail accounts were targeted by a massive phishing attack which requested Gmail users to allow 'Google Docs' to access their e-mail accounts. Hackers behind the operation used a web app named 'Google Docs' which had nothing to do with Google but gave users the impression that they were giving access permissions to the original Google programme.
Hundreds of Netflix users were also targeted by a phishing scam that attempted to steal their credit card details. Hackers behind the operation asked Netflix users to update their Netflix membership details by clicking on certain malicious links. When victims completed these forms, the site redirected them to the legitimate Netflix homepage in an effort to make the scam harder to detect.