Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Phishing attack targets frequent flyers of Brazilian airline TAM

Airlines are the current darlings of malware and phishing gangs, with several campaigns using airline-related themes. The most recent attack attempts to extract the username/password combinations of Brazilian airline TAM frequent flyers. The email promises free miles upon entry of a promotional code. Email and translation follow:

Email text

TAM Fidelidade.

Parabns você acaba de ser sorteado com 10.000 pontos milhas TAM Fidelidade.

O seu código promocional é:


Insira o código no link abaixo para confirmar o crédito de 10.000 milhas em sua conta fidelidade


Congratulations you’ve just been drawn with 10,000 miles TAM Loyalty points.

Your promotional code is:


Enter the code on the link below to confirm the credit of 10,000 miles in your account loyalty.

After the operation, wait for 48 hours for credit.

We are available to answer any questions.


The links lead to a very colorful, animated site where the promotional code can be entered:

Once the code is entered, victims are asked for their genuine username and password as confirmation. The Phishers can then use the Star Alliance points to purchase airline tickets and other goodies worldwide.

The phishing attack follows (unrelated – except for the airline theme)) continued use of phony American Airlines tickets to distribute malware.

The links in the follow the pattern of the phony AT&T wireless emails distributed last week. One example:

The elaborate scripts on the destination sites are reportedly aimed at downloading the Zeus Trojan.

You might also like

What is Microsoft Office 365 Advanced Threat Protection?

Office 365 Advanced Threat Protection (also known as ATP and Defender) can provide your organization with advanced security features - keeping you protected from cybersecurity threats. With today's cybersecurity landscape, where new threats appear daily, if not...