If you’re planning a last-minute summer trip, be cautious of a new vacation travel scam targeting unsuspecting tourists. As travel costs rise, many are turning to online deals to save money. However, Booking.com warns of a highly deceptive AI-generated phishing email scam that could deplete more than just your travel budget. Marnie Wilking, Booking.com’s CISO, noted a 500% to 900% surge in such vacation travel scams over the past 18 months.
What’s the method behind these scams? Phishing emails, a long-standing Internet issue, are becoming more convincing thanks to AI technologies like ChatGPT. Where once phishing attempts were marred by obvious mistakes, AI now enables fraudsters to efficiently produce numerous credible-sounding emails that can bypass both software filters and human scrutiny.
Here’s how they work:
Scammers will use sites like Booking.com or Airbnb.com that allow people to list their places as short-term rentals. The scammers send out emails offering incredible rates or time-sensitive deals on nonexistent properties. After someone pays, the cybercriminals will either disappear with the money, leaving the renter without a place to stay, or use follow-up emails to collect additional “fees” or “charges” before vanishing.
To be clear, these vacation-focused phishing scams are NOT new. The problem now is that, with AI, more people are falling for them because these emails are becoming more convincing.
What can you do?
Vacationers can take several key steps to ensure they’re not being duped.
1. Use two-factor or multifactor authentication, whenever possible. Having a second method of verification every time you log in will help prevent credential theft and impersonation.
2. Avoid clicking on email links. If you receive an email promoting a too-good-to-be-true deal, remember, it is likely too good to be true! Go to the website and search for the special. If you can’t find it, there is a chance you will avoid a scam.
3. Before booking ANY property online, make sure contact information and reviews are readily available. Have other verified users stayed at the property? If so, it’s less likely to be a scam.
4. Use credit cards for online purchases. Using debit cards or services like Venmo that are linked directly to your bank account is dangerous. When theft occurs from your debit card, it is difficult to get your money back – if you get it back at all. Using a credit card provides an additional layer of protection.
The most important thing is to stay vigilant. Analyze every email offer you receive and follow cyber security best practices. Standard security software can help detect some of these scam emails, but often not all of them, so it’s important to be cautious and look for red flags.
Vacation travel scams may ruin a trip, but business breaches can cost you and your family their livelihood. To keep your business secure, email us at info@invario.net or click here to book a FREE 10-minute discovery call with our cybersecurity experts, who can help you create a plan that protects you. We are here to help! Enjoy a well-deserved break this summer and remember to be cybersmart.