This spam is similar to the American Airlines Ticket Order message, but much lamer. It’s addressed to “Dear User”, doesn’t bother to include a human sender name, doesn’t mention an airline or destination, and the link clearly goes somewhere fishy. In fact, it doesn’t even say the charge is for an airline ticket — maybe I’m taking a cruise. I don’t see any info about the payload and don’t intend to find out.
Sender: Ticket Service USA (email@example.com)
Subject: Order Confirmation
Thank you for ordering tickets through our electronic system,
The amount of $749.32 USD was deducted from your credit card ‘.
Details of your order –
(a second version linked to http://kominictvicech.cz/xmlrpc/cache/OrderInfo21849.zip)
More information you can find the order entered in your bank account.
Ticket Service USA