As more consumers return to travel, cyber criminals are also
upping their activity, taking aim at both travelers and travel companies.
According to a new report from Bitdefender, travel-themed phishing
campaigns are landing in consumers’ inboxes in increasing numbers.
The company says the rate of travel-themed spam increased
from 19% in March to 44% in April.
After a slight drop in May to 37%, the report says: “The
rate of holiday phishing lures is likely to peak once again in June.” With airfare
and accommodation costs rising, the digital cons are hoping consumers
searching for last-minute deals will unwittingly click on the fraudulent
emails with subject lines referencing deals and giveaways, then be duped into
giving up personal information or installing malware.
In many cases, threat actors use well-known brand names to
gain access.
“Our antispam and antimalware filters also flagged a
particular malicious campaign where the spammers impersonated popular
international hotel chains and tour operators to deliver credential‐stealing
trojans. Names of impersonated brands include Accor Hotels, Panorama Tours,
Meritus Hotels and others,” says Bitdefender’s report.
On the other end, travel and hospitality companies are
also facing attacks.
According to PerimeterX, malicious web-scraping bots “are
not only pervasive but also increasingly sophisticated.”
The company says its system stopped three attacks on “two of
the most well-known consumer online travel agencies” during April and May.
In the “Itemization Attack” on April 24, bots used the site’s
search engine to scrape itemized product and pricing information, using a
different fingerprint for every request. The next day, a similar attack was
made on another OTA at very high volume, so that malicious requests made up the
majority of traffic during a 24-hour period; the attack then continued for more
than a week.
“This example demonstrates just how high malicious traffic
can become during attack periods. Online travel and hospitality businesses must
have the technology and infrastructure in place to balance the load and
maintain website performance during traffic spikes,” says Itay Binder, cyber security research manager at PerimeterX.
In a third attack on May 14, bots tried to scrape reviews and
testimonials from the same OTA struck on April 24. The traffic totaled more than one million
requests to more than 180,000 different paths, with malicious requests reaching
92% of total traffic to reviews endpoints.
“Although it may seem odd that the bots did not attempt to scrape product or pricing
data, we can identify two potential reasons for such an attack. One is that a
competitor was stealing reviews to make their site look more legitimate. Two is
that a cybercriminal was trying to trick people looking for the original travel
site to visit a fake one instead. Not only does this type of attack take away
your competitive edge, it can also damage your SEO rank because search engines
penalize duplicate content,” Binder says.
Research from Imperva has also uncovered fraud concerns
related to attacks using bots, with travel the top-targeted industry.
According to Imperva’s 2022 Bad Bot report, these malicious
applications accounted for 27.7% of all global website traffic in 2021 – and even
higher in travel at 31% of traffic to industry websites.
Account takeover (ATO), where bots are used to run a list of
stolen credentials against a login page or perform mass guessing of passwords, increased 148% in 2021. Travel was the second-most-targeted industry for this
type of attack after financial services.
“The implications of account takeover are extensive;
successful attacks lock customers out of their account, while fraudsters gain
access to sensitive information that can be stolen and abused. For businesses,
ATO contributes to revenue loss, risk of non-compliance with data privacy
regulations and tarnished reputations,” says Imperva’s report.