Email notifications, supposedly from Booking.com, urging the recipients to open an attached link are a malicious malware.The malware, coming in disguise of an email notification from the Booking.com website, informs the recipients about a confirmed room reservation on a specific date and asks the recipients to open the attached file to view full details about the reservation.
However, the attachment does not contain any information about the reservation, rather it contains a trojan, which once installed collects passwords and other sensitive information from the infected computer and relays it back to a remote server.
The emails in this attack also claimed to provide the recipient with information about the flight tickets, time, date, destination and cost. The recipients were advised to print their tickets either by opening an attached file or by following a link to a website.