{"id":32184,"date":"2023-07-06T21:17:28","date_gmt":"2023-07-06T10:17:28","guid":{"rendered":"https:\/\/www.kaspersky.com.au\/blog\/travel-scam-and-phishing-2023\/32184\/"},"modified":"2023-07-06T21:17:39","modified_gmt":"2023-07-06T10:17:39","slug":"travel-scam-and-phishing-2023","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.au\/blog\/travel-scam-and-phishing-2023\/32184\/","title":{"rendered":"Going on vacation? Beware of scammers"},"content":{"rendered":"

Summer\u2019s here, with the vacation season in full swing. Along with holidaymakers, tourist-targeting scammers are also getting more active. Our experts studied the dangers confronting travelers in the 2023 vacation season. Here\u2019s what they found out\u2026\n<\/p>\n

Phishing attacks on Booking.com users<\/h2>\n

\nLet\u2019s start with a phishing site mimicking Booking.com, one of the world\u2019s most popular sites for online hotel and apartment bookings. The aim of the fake site is to harvest email addresses that double up as usernames, as well as some kind of \u201cemail passwords\u201d. The phishers seem to have got their nets in a twist: what they\u2019re really after is probably passwords for Booking.com accounts.<\/p>\n

\"Fake<\/a>

Phishers harvest login credentials of Booking.com users<\/p><\/div>\n

Interestingly, the phishers didn\u2019t forget about the second largest category of Booking.com users: hotel and apartment owners who use the website to attract clientele. For them, too, there are fake sites that hoover up usernames and passwords.<\/p>\n

\"Another<\/a>

Another site pretending to be Booking.com harvests credentials of hotel and apartment owners<\/p><\/div>\n

To avoid such tricks, always carefully check the website address before entering any credentials on it. If you\u2019re unsure what the real address should be, better to double-check using a search engine and good old Wikipedia.\n<\/p>\n

Scammers prey on Airbnb users<\/h2>\n

\nInevitably, cybercriminals haven\u2019t ignored that other bastion of online accommodation booking, Airbnb. A fake Airbnb site \u2014 a carbon copy of the original \u2014 offers attractive apartment rentals and doggedly reminds the visitor that they must make a wire transfer to some agent to confirm their reservation.<\/p>\n

\"Fake<\/a>

Fake Airbnb site urges visitors to pay for a non-existent booking<\/p><\/div>\n

It goes without saying that \u201ccustomers\u201d who send the transfer are left with nothing but a hole in their wallet. To avoid this danger, always carefully check the address of the site before sending money to its owners.\n<\/p>\n

Harvesting user data on fake travel survey sites<\/h2>\n

\nA less serious, but also less-than-pleasant online scam involves sites promising valuable gifts for taking a survey. In this case \u2014 travel surveys offering a prize of US$100.<\/p>\n

\"Fake<\/a>

Enticed by the prospect of a US$100 gift, the visitor is asked to take a fake survey (and hand over personal data)<\/p><\/div>\n

At the end of the survey, the scammers usually ask the victim for some personal data: first and last name, address, phone number and sometimes payment information. Such data can be used at a later date for all kinds of bad stuff \u2014 from identity theft to hacking into financial accounts. As for the \u201cprize\u201d, it\u2019s not exactly forthcoming.<\/p>\n

Avoiding this threat is easy: don\u2019t fall for the promise of easy money \u2014 especially when it\u2019s an unfeasibly large sum that falls from the sky.\n<\/p>\n

Airline phishing sites<\/h2>\n

\nAnother traditional target for phishers is airline passengers. Fake pages are forever popping up imitating the official sites of different carriers. Of course, the bigger the airline, the more likely its customers\u2019 credentials will be hunted by phishers.<\/p>\n

\"Fake<\/a>

Phishing site hungry for a popular airline\u2019s customer accounts<\/p><\/div>\n

The goal here can be twofold. First, there can be a direct financial interest: all major airlines have loyalty programs with bonus points that are a kind of currency. If cybercriminals manage to hack into someone\u2019s account holding sufficient bonus points, they can buy a ticket and sell it for real money, which they pocket.<\/p>\n

\"Another<\/a>

Phishing site that harvests credentials for an airline loyalty program accounts<\/p><\/div>\n

Second, login credentials can be collected in order to hijack other accounts held by the victim. This method of hacking has a very good chance of success, since password reuse is still common, sadly. So a password for an airline loyalty program account could well work for email.\n<\/p>\n

Unusual airline ticket scams<\/h2>\n

\nThis year has also seen a rather unconventional method of defrauding airline ticket buyers bound for the UK<\/a>. Scammers posing as travel agency employees offer tickets at extremely attractive prices. What\u2019s more, after payment, the booking shows up in all systems \u2014 it\u2019s completely real.<\/p>\n

However, the fraudsters don\u2019t actually buy any tickets; rather, they exploit the temporary ticket reservation service that\u2019s used in many booking systems and costs no more than a few dozen dollars. The service even assigns a so-called passenger name record (PNR)<\/a> to the booking \u2014 a six-digit alphanumeric code that goes by different names, depending on the airline: booking reference, reservation number, flight confirmation code, etc. This code lets you check the booking on the airline\u2019s website and make sure it\u2019s logged in the system.<\/p>\n

Of course, since the scammers never redeem the ticket, when the holding time is up the reservation turns into a pumpkin. The difference between the hundreds of dollars paid for the non-existent ticket and the twenty-odd bucks spent on the reservation service is duly pocketed by the fraudsters, who then mysteriously fail to respond to the victim\u2019s urgent inquiries.<\/p>\n

Incidentally, there\u2019s a way to make sure that you paid for a proper ticket \u2014 not a reservation. Simply look in the booking information for a 13-digit ticket number<\/strong> (for example, 123-4567890123), and not for a six-digit PNR<\/strong> (for example, A1B2C3). If there\u2019s a ticket number, it means the airline ticket has been paid for and issued and you\u2019ve nothing to worry about.\n<\/p>\n

How to stop scammers ruining your vacation<\/h2>\n

\nLastly, a few tips on how to protect your trip from online scammers and phishers:\n<\/p>\n