With Covid-19-related travel restrictions having been dropped by most countries, pleasure-seeking travelers are booking plane tickets, accomodations and tours with a vengeance.
Phishers, scammers and malware peddlers are ready to take advantage of the summer holiday season: According to Bitdefender security analysts, the deluge of travel-themed spam has started in March and is expected to reach its peak in June.
Travel-themed spam to look out for
Security analyst Alina Bizga told Help Net Security that they haven’t seen any really sophisticated travel-themed scams, phishing or attempts at impersonating popular booking platforms as they have seen in the past, but that the summer holiday season is just starting.
Current phishing emails run the gamut from airline ticket giveaways, gift cards and offers of bonus flight hours to booking confirmations and bargain offers for holiday rentals and all-inclusive deals.
The travel-themed phishing lures include keywords related to summer vacation and reference or impersonate well-known airline companies such as Delta, American Airlines, and United Airlines and organizations in the hospitality and tourism industry such as Accor Hotels, Panorama Tours, Meritus Hotels, and others.
Targets are urged to fill out surveys and enter their personal information into phishing sites, or to download invoices and messages that are actually malware.
But even if they don’t steal anything, victims might end up with a bad deals.
“Consumers who purchase travel deals via spam emails usually don’t get their money’s worth,” Bizga noted. “A search of such travel offerings found bad reviews and complaints from most consumers in 2022, with some negative comments pointing to misleading descriptions, poor customer service, hidden fees and an inability to contact service providers.”
The one piece of advice that every person online should follow is: “If a deal sounds too good to be true, it probably is.”
Other than that, look out for poorly written emails (they are likely phishes or scams), check the legitimacy of a deal before paying, and don’t pay by wire or cryptocurrency transfer.
Credit cards or PayPal should be preferred payment channels because they make it easy to dispute fraudulent charges, Bizga pointed out. Also, don’t give out you payment card info or sensitive data over the phone to anyone, and don’t click on links or download attachments in unsolicited emails.