Kaspersky researchers have uncovered a surge in scam emails where attackers impersonate major airlines and airports – including Amsterdam Schiphol, Lufthansa, Emirates Airlines, Qatar Airways, Etihad Airways and others – to trick businesses into engaging in fraudulent supplier and partnership communication.
The goal of this scheme is to steal funds from the targeted organisations.
Since the beginning of September, Kaspersky solutions have detected and blocked thousands of scam emails of this type globally and the volume of this type of fraud has increased compared to previous months.
These fraudulent emails typically claim to come from the procurement departments of leading airlines announcing new projects and looking for suppliers or contractors. Once the recipient responds, attackers send a series of fake documents – such as supplier registration forms and non-disclosure agreements – to appear credible.
Targeted organisations are also asked to pay the “Mandatory Refundable Expression of Interest Deposit” of several thousand US dollars, indicating that its purpose is “to secure a priority slot in the partnership timeline” and that it will be refunded once the “partnership” is established.
“Scammers are actively mimicking legitimate business communications,” says Anna Lazaricheva, senior spam analyst at Kaspersky. “By impersonating world-famous airlines, they exploit both the brand trust and the business aspirations of their targets. Since the documents shared in these schemes are not malicious, but simply forged they can easily bypass basic security checks and seem believable to the untrained eye.”