cafesolo

Today I received an e-mail,apparently from Qatar Airways,LLC, thanking me for BOOKING with them. "We have received your booking under reference 81873.88".
Now,I have always understood that a booking does not exist until payment is made. So I now entered "sub-panic" mode. By internet check London bank accounts -- nothing missing. Long phone call to same,on bad line: Do Not Pay any airline ! Next into town, bank balance intact, brief staff on situation. Sub-panic subsides.

So was it a scam ? The sender's ident continued <[email protected]. Am I right that you haven't a booking till you have paid ? Anyone out there in ticketing or similar care to offer me guidance ? Cafesolo.

nonsense

Qatar Airways isn't going to use an outgoing email server with a domain name of "activeware.com", so pretty obviously it is a scam.

Scammers wouldn't bother sending you email unless they need you to react in some way; the email is intended to elicit a response, even if it is not apparent what that response is yet. They probably want more information about you such as credit card numbers, etc.

So don't engage with the scammers.
Delete it and continue your life.
And definitely do not reply to the email or contact Qatar at any phone number, email address or physical address in the email; if you decide to call Qatar, look them up somewhere else.

Google search <qatar We have received your booking under reference> and you will find more info on this scam:
https://qatarairways.zendesk.com/hc/...ons-look-like-
https://thedefenceworks.com/blog/im-...-airways-scam/

cafesolo

Thank you,nonsense, for your prompt and comprehensive reply. Unfortunately,I replied immediately,using the arrow at the bottom of their message to "Reply",denying that I had made a booking but revealing no more than my full name. Is "fingers crossed" now an adequate defence?

nonsense

I would think so. They can obtain combinations of names and email addresses from numerous sources; they'll need more than that to scam you.

If you ever have doubts about a strange email, google key phrases from it to see whether other people have already identified it as a scam.

yellowtriumph

cafesolo

Thank you nonsense & yellow triumph for your very prompt responses. Cafesolo.

jimjim1

I disagree. STRONGLY.

I never open weird emails. I get them every few days. Even a preview pane can activate potentially dangerous material in emails. I'd rather miss an email than put myself at risk.

In the example given, an attacker may have WANTED to trigger you to communicate with your financial partners.

On the other hand my financial life is very simple and if it was more complex then a different calculus may apply. I suppose that your bank can hardly criticise you for contacting them and of course can criticise you if you don't.

I made a mistake years ago when I got forename.surname as a gmail account name. People put it in forms all the time. I should have used something like forename.surnamexyz. I should also have started to migrate away from it a number of years ago.

Use of an email provider with GOOD spam filters is your first defence. Google or maybe hotmail (or whatever microsoft call it these days. Outlook?).

There is some discussion about it here in the last few minutes
https://www.kickasspolitics.com
EP 394: Richard Clarke and Robert Knake on Cyber War
or for a link nearer the audio
https://podcasts.apple.com/us/podcas...027264941?mt=2
Richard Clarke & Robert Knake on Cyber War

Sorry, they have made it beyond my capacity to provide a link to the audio.