The dark underbelly of the internet never takes a break, and cybercriminals seem to have set their eyes on exploiting eager travelers as we settle into 2023.
With global tourism forecast to rise by 30% this year, the latest Bitdefender Antispam Lab telemetry illustrates how opportunistic scammers are setting up their playing field to defraud potential travelers.
Notable travel-themed spam campaigns aimed at stealing data and financial information from unwary individuals were observed beginning Dec 20, and continued throughout the holiday season and beyond (see Figure 1).
Particularly, spammers pushed their travel-themed lures on English-speaking recipients, with 53% of the correspondence targeting US inboxes. The US is followed by Ireland (10%), India (6%), the UK and South Africa (5% each), and Germany (4%). Other European countries, including France, Sweden, Denmark and Italy, weren’t entirely spared the deluge of spam emails (see Figure 2).
Researchers at Bitdefender Labs note that only 40% of the travel-themed spam emails received over 30 days were marketing lures. The remaining 60% was marked as scams, including some that abused the names of well-known airlines to gain access to users’ sensitive information and travel rewards or loyalty accounts.
The list includes Southwest Airlines, Ryanair, Lufthansa, Air France-KLM and American Airlines.
Travel rewards programs and gift cards are among the most exploited subjects:
Airline loyalty programs are highly desired digital assets for cybercriminals as they contain a wide variety of personally identifiable information on travelers and airline points that can be monetized on the dark web.
For example, phishing emails purporting to come from German carrier Lufthansa urged recipients to fill out a new award redemption form to collect 24 euros worth of miles. A second campaign informed individuals of suspicious transaction attempts on their accounts that the scammers say led to the temporary restriction of their credit cards.
Most giveaway and survey scams offer recipients free miles and gift cards ranging from $90 to £500. Fraudsters also anticipate consumer behaviors and incentives that prompt them to book or buy travel packages - as seen in this bogus survey aimed at stealing personal and financial info from users.
As leisure travel and bookings return to pre-pandemic levels, 2023 is expected to bring a surge in vacationers who are already planning for their perfect summer trip, making use of travel rewards cards and hospitality perks that come with some of the industry’s best travel reward programs.
If you’re planning to book ahead to save big on your next holiday, stick to good cyber hygiene to steer clear of fraudulent emails, texts or messages on social media.
Check our dedicated guide to avoiding travel and bookings scams here.
Cybercrooks are just getting started with travel-themed lures, so make sure you are equipped with the tools you need to protect your identity and financial wellbeing.
Start prioritizing your digital safety while shopping or traveling this year and opt for a Bitdefender all-in-one security solution to protect all your devices from malicious and fraudulent activity no matter where your travels take you.
With Bitdefender's all-in-one plans, you get award-winning antimalware protection and benefit from advanced anti-fraud and anti-phishing filtering systems that warn you whenever you visit a website that may try to scam you. You also get a state-of-the-art Password Manager to help you store your sensitive data passwords, a powerful Premium VPN with unlimited traffic to help you find cheaper flights without advertisers tracking your every move, and Identity Theft Protection, depending on your location and chosen plan.