Fraud in the travel and hospitality industry refers to illegal activities primarily targeting airlines, hotels, booking platforms and other services such as car rentals or tours. This scam revolves around various tactics, techniques and procedures (TTPs) performed by cyber attackers on various forums, marketplaces, online stores and public messaging platform. An important underground market, from which companies in the sector and consumers looking for a bargain can protect themselves. What is the modus operandi of these cyber attackers? How not to fall into their traps?
Big Deals on the Dark Web
Travel and hospitality fraud is based, among other things, on cardless transaction data (CNP) and stolen loyalty points, which are used to purchase airline tickets, hotel rooms and various other travel deals with the aim of reselling them at a considerably reduced price. Malicious actors also create dummy accounts, hijack official accounts, or manage to convince unscrupulous “dark” hosts to make payments without giving an actual reservation in return.
Fraudulent ads are then created from brute force attack accounts for sale on dark web marketplaces or stolen login credentials and then purchased to take over and use accounts. In addition to these fraudulent “travel agency” service advertisements, cybercriminals are also marketing fake Covid-19 health passes and vaccination certificates.
Read too: Top 10 Retail and Customer Experience Ideas (August 22-26)
A recent study by Recorded Future reveals that 4,000 referrals of fraud on the dark web, a place of illicit trafficking where confidentiality is taken to extremes, has affected airlines and the hospitality industry worldwide. According to a report by Eurocontrol responsible for aviation security, even during the Covid-19 pandemic, the airline industry recorded a 530% increase in cybercrime incidents.
And it pays off
According to the Recorded Future study, 156 referrals of illegal airline ticket sales are mostly linked to Telegram channels and groups known to engage in this type of fraud. An illicit market estimated at $1.2 million in the first nine months of 2021, though that number is likely just the tip of the iceberg.
Loyalty cards are also in the crosshairs of fraudsters, a fruitful vein valued at more than $11 billion by 2025. Loyalty points can be used as cardless transaction (CNP) data for all types of travel and hospitality related bookings. This is particularly difficult to detect, as criminals often obtain enough personal information, through social engineering or other tactics, to impersonate the real user. Loyalty accounts are often poorly protected and the victim only realizes their damage after checking their balance.
As with much of cybercrime, this thriving travel and hospitality fraud market is fueled by data breaches. Dsince 1er As of January 2021, experts from Recorded Future have identified over 4.4 million leaked identifying information for airlines, travel agencies and hospitality companies worldwide. Another classic tactic for illicitly obtaining personal information is phishing victims themselves. Malicious actors even use phishing techniques to defraud users of the Transportation Security Administration’s (TSA) PreCheck, Global Entry, and NEXUS service websites. PreCheck allows registered users to be exempt from certain US airport checks for a streamlined experience.
The counter attack
To counter this growing trend of travel and hospitality fraud, companies in the industry exposed to this risk can first expand security measures already in place. Indeed, it is essential to correct the vulnerabilities of critical systems, test an incident response plan in place, which allows you to be better prepared for the inevitable changes to be updated. Using threat intelligence will increase the effectiveness of actions to be taken quickly to further reduce risk. This includes searching the dark web of publishing customer credentials stolen from their infected devices and identifying access for sale on their networks through a variety of criminal marketplaces.
Several simple precautionary techniques go a long way in protecting consumers from travel and hospitality fraud. It is essential to buy only on official or well-known websites, and not on social networks. Fake travel agency websites are easily identifiable as they often use national top-level internet domains such as “.eu”, “.ru”, “.ua” and sometimes display inactive icons such as “AppStore”, « Google Play » , to appear more authentic. It also goes without saying that you should never answer unsolicited calls offering vacation deals and that you should always check the terms and conditions before making a purchase. Direct communication with the owner or his agent allows you to assess the credibility of answers to specific questions about the reservation, the services included, the region and the location of the place of stay. And at the end of the trip, before validating a purchase, do not forget to check the general conditions of sale and in particular the refund policy.