A group of cyber criminals are having a lot of success with the latest spear phishing campaign. They are mining social media  for information on where and when you may be traveling. Using this information they send out fake airline reservation confirmations or receipts that look just like the real thing using an email address that looks legit.

Many of these emails contain links to sites that look like the real thing, asking you to enter your username and password and encouraging you to open an attachment or click on a link that loads malware. The loaded malware allows the criminals to hack into the network.

These criminals are clever enough to vary the format of the email and the delivery method for the malware, making it more difficult to detect.

If you receive a confirmation for a flight or a receipt, do not click on any links or open any attachments.  Instead, go to the website of the airline directly using a URL that you know is legit and check your account or reservation on the site itself.

If you do click on one of these links or open one of these attachments, please disconnect from the network and call the Service Desk at 403-440-6000 immediately.