Example: [Collected via e-mail, April 2012]
You should check in from 24 hours and up to 60 minutes before your flight (2 hours if you're flying internationally). Then, all you have to do is print your boarding pass and head to the gate.
Confirmation code: 106171
Online reservation details
Departure city and time: Washington, DC (DCA) 10:00PM
Depart date: 4/5/2012
US Airways, 111 W. Rio Salado Pkwy, Tempe, AZ 85281
Copyright US Airways, All rights reserved.
Origins: In April 2012, Internet users began receiving messages like the one reproduced above that purported to be confirmations of recently purchased tickets for flights on US Airways. Such messages included instructions for the recipients to follow a hyperlink or open an attachment containing what appeared to be a document in order to download and print their boarding passes. These messages were intended to lure recipients, concerned about receiving confirmations for airline ticket purchases they didn't remember making, into attempting to view the referenced ticket
US Airways has posted a scam alert about this scheme on its site, advising that:
Email phishing is a type of fraud committed to gain your personal information. A phishing email may include a fake confirmation number or ask you to change your account information and link you to a site that’s not usairways.com. Once there, you may be asked for your personal information. Some phishing emails may also have attachments or links to a site with malware that can infect your computer.
If you receive a suspicious email, do not click on any links or open any attachments.
Here's what to look out for:
- Be suspicious of emails that begin with something generic like 'Dear user' or 'Dear customer' and that have typos or bad grammar.
- Many of our emails include your name and Dividend Miles number. Our Web Check-in email doesn't have your name, but it has your valid confirmation code, which is never all numbers. It should be either alphanumeric or all letters.
- Before you click, check the link by hovering your mouse pointer over it and identifying what URL (website) is displayed. A legitimate link will have a website address/URL with 'usairways.com.'