Now that lockdowns have ended and travel restrictions have been lifted, more than half of American adults are planning to take a trip this summer and cybercriminals have taken notice.
According to a recent survey by The Vacationer, over 80 percent of American adults have begun planning their summer travel plans and 20 percent of respondents plan to travel internationally. The number of people preparing to travel this year also increased by 19 percent compared to last year and nearly half of vacationers are in “revenge travel mode” with plans to travel more than once in 2022.
As such, cybercriminals are also preparing to con unsuspecting travelers searching for last-minute getaway deals. According to Bitdefender Antispam Lab, travel-themed spam first began appearing in users’ inboxes back in March with the U.S. (37%), Ireland (18%), India (12%) and the UK (9%) being the most targeted countries.
If you’re planning to take a trip this summer, these are some of the things you’ll want to be on the lookout for to ensure you arrive at your destination safely as opposed to being infected with malware or even worse, falling victim to identity theft.
Travel-themed spam makes a comeback
To learn more regarding the online threats to travelers this summer, Bitdefender conducted a three-month analysis of travel spam.
This year, travel-themed spam first arrived in the inboxes of the company’s customers beginning in March. There was a massive uptick in April when the rate of travel-themed spam rose to 44 percent before dropping slightly to 37 percent in May.
Some of the more popular email subjects for travel-themed spam and phishing attempts include Bonus flight hours, Holiday rentals and all-inclusive deals, Booking receipt notices, Booking confirmations and Airline ticket giveaways.
Although traditional spam ads promoting all-inclusive deals weren’t flagged as malicious by Bitdefender’s email security tools, customers who purchase travel deals via spam emails usually don’t end up getting their money’s worth. A search of spam travel offerings found bad reviews and complaints with some negative comments pointing to misleading descriptions, poor customer service, hidden fees and an inability to contact service providers.
Phishing attempts and brand impersonation
When it comes to travel-themed phishing lures, Bitdefender points out that many include keywords related to summer vacation and well-known airlines including Delta, American Airlines, United Airlines and Alaska Airlines among others. These are often used to deliver giveaway survey and gift card scams to steal money and personally identifiable information from consumers.
However, it appears that the cybercriminals behind these travel-themed campaigns may be on a bit of a mental vacation themselves as Bitdefender noticed that their phishing lures aren’t highly convincing.
Cybercriminals are also leveraging malicious domains and URLs to trick potential victims into downloading attachments in the form of invoices and credit card transactions that can contain malware and other viruses.
Bitdefender’s antispam and antimalware filters also flagged a malicious campaign where the cybercriminals behind it impersonated popular international hotel chains and tour operators including Accor Hotels, Panorama Tours, Meritus Hotels and others to deliver credential-stealing trojans.
Brand impersonation is a common tactic used by cybercriminals to trick consumers to compromise their data and steal their money. For this reason, Bitdefender always recommends exercising caution when dealing with travel-themed correspondence via email, instant messages, pop-ups or ads on social media platforms.
How to avoid online travel scams this summer
In order to avoid getting scammed while planning a trip this summer, you should thoroughly research before purchasing any travel packages or accommodations through an ad you see on social media. At the same time, you should never rely solely on positive reviews and high trust scores as these can be faked. Any offer should also be checked for poor grammar, misspelled words or other inconsistencies as these are big red flags.
When planning your next trip, you should only use legitimate holiday platforms to search for accommodation, flights and tours. As for paying for your trip, never use wire transfers or cryptocurrency. Instead you should use a credit card or PayPal so that you can easily dispute any fraudulent charges.
For those who still prefer to plan their trips the old fashioned way through a travel agent, you should never give out your credit card number or sensitive data over the phone. This should be done in person so that you know it’s not a scam.
It’s also worth noting that a VPN can be quite useful when shopping for plane tickets and accommodation. This is because a VPN allows you to change your IP address and avoid location-based price targeting. Likewise, searching for flights in incognito mode can prevent airlines and travel services from leaving cookies in your browser which can lead to higher prices.