Summer is a peak season for vacation travel. If you’re planning a last-minute getaway, be cautious of a circulating scam targeting deal-seekers online. As costs for everything from food to travel continue to rise, it makes sense to hunt for the best online deals to plan an unforgettable trip without overspending. According to Booking.com, cybercriminals have decided to capitalize on this need and are now using one scarily convincing, AI-generated phishing emails that can cost victims way more than their vacation budget. Marnie Wilking, Booking.com’s CISO, shared that the organization has seen a 500% to 900% increase in travel-related scams in the past 18 months using this malicious tactic.
How are these scammers doing it? While phishing emails have been around since the early days of the Internet, AI tools like ChatGPT are now enabling the creation of highly realistic and professional-looking scam emails that are more likely to deceive recipients. Previously, phishing emails were often filled with obvious mistakes, such as typos and poor grammar. With the rise of AI, cybercriminals can now generate numerous legitimate-looking emails that frequently slip past both detection software and unsuspecting readers.
Here’s how they work:
Scammers use sites like Booking.com or Airbnb.com that allow people to list their places as short-term rentals. They send out emails offering incredible rates or time-sensitive deals on nonexistent properties. Once someone makes a payment, the scammers either disappear with the money, leaving the renter stranded without a place to stay, or continue the deception with follow-up emails to collect additional “fees” or “charges” before disappearing completely.
To be clear, these vacation-focused phishing scams are NOT new. The problem now is that, with AI, more people are falling for them because these emails are becoming increasingly convincing.
What can you do?
Vacationers can take several key steps to avoid falling victim to scams.
1.
Enable Two-Factor Authentication: Where applicable, use two-factor or multifactor authentication. This means a confirmation code will be sent to your phone each time you log in, adding an extra layer of security against phishing attacks and credential theft.
2.
Avoid Clicking on Email Links: If you receive an email promoting a too-good-to-be-true deal, remember, it is likely too good to be true! Instead of clicking the provided link, visit the website directly and search for the offer yourself. If you can’t find it, there is a chance you will avoid a scam.
3.
Check Property Details Before Booking: Before booking ANY property online, make sure contact information and reviews are readily available. Have other verified users stayed at the property? If so, it’s less likely to be a scam.
4.
Use Credit Cards for Online Purchases: It’s safer to use credit cards rather than debit cards linked directly to your bank account. If fraud occurs, it’s challenging to recover stolen money from a debit card, whereas credit cards offer an additional layer of protection.
The key is to remain vigilant. Carefully examine every email offer you receive and follow cyber security best practices. While standard security software can detect some of these scam emails, it won’t detect all of them, so always remain cautious and look for red flags.
Personal scams may ruin a vacation, but business breaches can cost you and your family their livelihood. To keep your network secure, call us at 847-906-5005 or click here to book a FREE 15-minute consultation with our cybersecurity experts, who can help you create a plan that protects you. Enjoy a well-deserved summer break and remember to be cybersmart.