As you may already know, travelers from the 36 countries that don’t require a visa to enter the U.S. must still register online for travel authorization. And as of September 8, 2010, they will also be required to pay a $14 fee for it.
Since this registration can be performed exclusively online and registrants are largely unfamiliar with official U.S. government sites and registration processes, this requirement is a dream come true for various scammers and other online criminals.
Fake websites offering ESTA (Electronic System for Travel Authorization) forms have been popping up left and right for quite some time, and the announced fee has attracted even more malicious individuals in search for a quick buck. Since the registrants expect to have to enter a variety of personal information in order to get the travel authorization, they are naturally less likely to spot something unusual.
Search results for various word combinations containing the ESTA acronym offer many of these dangerous websites, which usually mimic the official site – even to the point of offering multiple language registration choices, says McAfee.
The goals of the criminals are various: some are interested in the personal information the registrant enters, some go for banking and credit card details. A few of them offer to help them fill out and submit the authorization form – charging fees from $30 to $250 for a service that you can easily do yourself and pay only 14$ for it. Others offer them to download the forms, but are actually handing out malware.
An added bonus for criminals is the information regarding your travel dates. Not only does this information come in handy for anyone who might organize burglaries to be executed while they are gone, but they can also be sure that suspicious money withdrawals from various accounts and unusual credit card transactions will likely go unnoticed until they return from their trip.