These aren't spam. They are attempts to download computer viruses.
The Russian Zlob gang has been spending a gret deal of time and effort on this distribution technique lately. Here's how it works:
1. They find Web sites with weak security--usually poor FTP passwords. They do this by using automated software tht scans tens of thousands of IP addresses an our trying the most common FTP usernames and passwords.
2. Once they've broken into a Web site, they upload an exe file (the virus itself) and a Web page that downloads the virus disguised as movie player software. The Web site has what looks like CNN, Time.com, or MSNBC logos on it, and what looks like a movie. If you try to play the "movie," a message tells you that your computer's Flash movie player software is outdated and you won't be able to play the movie until you install the update (which is, of course, the virus).
3. They send out millions of spam messages advertising this "news story," with a link that leads to the page they have placed on the hacked site. The spam messages are sent to addresses harvested from other Web sites, and are also sent with "From:" addresses harvested from Web sites. That way, if a spam message bounces, there is a chance that the bounce will go to a real person.
You got that email because the virus writers forged your address as the "from" address of the spam. It bounced, so it came back to you.
Nationalticket.com is not a spammer. They have been blacklisted because their Web site has been hacked and a virus has been placed on it. The same thing has happened to a very large number of high-profile, big-name Web sites that ought to know better lately, including Delta Airlines.
