Summer Travelers Experiencing Uptick in Phishing Scams
More than 70 spoofed domains found for Airbnb indicating risk levels rise during peak summer travel months
June 25, 2019
The travel space is seeing a rise in phishing scams and domain spoofing as travel records are making easy targets for hacking experts to reach travelers in ways they may otherwise trust.
A new survey by DomainTools, a company dealing with domain names and DNS-based cyber threat intelligence, of 1,000+ U.S.-based consumers explores the potential correlation between an uptick in travel-related scams during the summer months and the general lack of awareness around phishing as it relates to booking travel online. Despite 58% of respondents being aware of phishing in general, 54% are unaware they might be ripe targets when booking their summer travel, setting the stage for a jump in malicious activity during the summer months.
According to theIBM X-Force Threat Intelligence Index, since January 2018 alone, 566 million records from the travel and transportation industry have been leaked or compromised in publicly reported breaches. The travel industry is a prime target for bad actors, as booking vacation often requires expensive purchases and the disclosure of personal information online.
Of the respondents in DomainTools’ survey that shared they are familiar with phishing scams aimed at the travel and hospitality industry, nearly 40% revealed they had been tricked by an attempted scam. Overall, the survey findings further shed light on consumers’ habit of overlooking key details while making online purchases and the larger issue of unawareness around what could ultimately cost them money or personal information.
As part of this research, DomainTools conducted additional investigation via its PhishEye solution. In a two-week period, more than 70 spoofed domains were created in an attempt to imitate vacation rental company Airbnb. The volume of spoofed domains in this short span of time further demonstrates the heightened efforts of bad actors targeting travelers at this time of year.
Some examples of fraudulent domains with a Risk Score of 70+ (scores of 70-99 predict potentially malicious domains before they are weaponized) in this research include:
• airbnbpromo[.]net
• airbnbprices[.]com
• airbnb-bookins[.]review
• airbnbhostpr[.]com
• airbnb-update[.]org
• checkin-airbnb[.]com
• airbnbvrbo[.]com
• airbnbb[.]net
• airbnbexclusive[.]com
“While the most popular sites such as Airbnb, Expedia and Alaska Air could be at risk of phishing attempts, we found that many of the people who use these sites are unaware of the potential dangers of booking travel online,” said Corin Imai, senior security advisor for DomainTools. “More than half of respondents indicated that they are unfamiliar with phishing campaigns that specifically target travel and hospitality sites and three-quarters of respondents were unsure if they had even fallen victim to a scam. While popular sites like Airbnb take it upon themselves to protect their customers, consumers need to remain vigilant while shopping online, and the security industry as a whole is encouraged to educate consumers to put proper defenses in place. The reality is, no person or site is exempt from falling for a scam unless we encourage awareness and put precautions in place to prevent it from happening.”
Additional takeaways from the survey include:
• Of the 27% of respondents who have clicked on a link or email that they thought was from a trusted travel company only to find out that it was an attempted scam, 20% reported their personal information was compromised, while 71% revealed they’re unaware anything bad had happened.
• Respondents who are “very” aware of phishing prioritize best practices such as going directly to the website of the travel company they book through (71%) and taking closer looks at URLs used in emails to ensure legitimacy (59%).
• 55% of respondents say they can determine a phishing email from a legitimate one based on how the email looks. Despite this tactic, of this group, 26% admit they have fallen victim to phishing.
Those who book summer travel online are advised to take the following steps to ensure they stay safe this season and enjoy their time off:
• Closely monitor domains that imitate leading travel, airline and booking companies with typos or disguised letters (e.g., ‘rn’ written to appear like the letter ‘m’).
• Book directly through the airline or vacation rental site rather than a third-party as a safer alternative.
• Stay up to date on the latest scams that circulate through the web, and avoid high-pressure tactics (e.g., “Book now!” or “Only three tickets left!”).
• Go back to the old school ways, and call the airline or travel company directly to confirm a reservation is in your name.