Threat Alert: HOLIDAY PROMO LURES Lead to Malware

• A series of phishing attacks advertising a purported winter holiday promo for Sky Airlines. have been identified.
• Attackers distributed this lure in Spanish and English, using the subject lines “SkyAirline para la promoción de vacaciones de invierno” and “SKYAIRLINE – Winter Holiday Promo” respectively.
• While the emails appear to come from the sending address sales@skyairline[.]com, the email signature links to the unassociated webpage esky[.]com[.]com and an Instagram page for esky[.]com.
• The lures contain a malicious attachment that purportedly contains extra details about the promotion.
• Attempting to open the attachment leads to the installation of malicious software (malware) that can allow attackers to take control of an infected system.

Key Action: Report Suspicious Emails 

• Never download attachments associated with unexpected messages. Never open, preview, or download an unexpected attachment. These actions can expose you to malware.
• Remember that cybercriminals commonly leverage current events in phishing attacks. Annual events like the holiday vacation season give cybercriminals the time to prepare by crafting difficult-to-spot or believable lures. 
• Report ANY suspicious emails using the Phish Alarm button.