Threat Actors Prepare Travel-Themed Phishing Lures for Summer Holidays

Vacation season is almost here, and we’re all in need of some vitamin D after pandemic lockdowns and travel restrictions ruined the plans of many vacationers.

According to a recent survey by The Vacationer, over 80% of American adults plan to travel this summer, 20% of whom are set on international travel despite the war in Ukraine.

The number of people who intend to travel has also increased by 19% compared to last year’s survey conducted by the organization, and nearly half of holidaymakers are in “revenge travel mode,” saying they plan to travel more than once in 2022.

Digital pickpockets are also getting ready to con unsuspecting internet users searching for last-minute getaway deals. According to Bitdefender Antispam Lab, travel-themed spam has been hitting users’ inboxes as early as March 2022, with a particular affinity for the US (37%), Ireland (18%), India (12%) and the UK (9%).

Although more travel spam was spotted in April (a 25% increase from March), the rate of holiday phishing lures is likely to peak once again in June.

From daily doses of travel-themed spam ads to your run-of-the-mill phishing emails, our three-month analysis of travel spam trends suggests that threat actors might also be on a mental vacation, with little focus on delivering highly convincing correspondence phishing lures to recipients.

Popular email subjects include:

• Bonus flight hours
• Holiday rentals and all-inclusive deals
• Booking receipt notices
• Booking confirmations
• Airline ticket giveaways

The travel-themed phishing lures also include keywords related to summer vacation and well-known airline companies including Delta, American Airlines, United Airlines and Alaska Airlines among others, used to deliver giveaway survey scams. Gift cards and giveaway scams are highly versatile and can be used to leverage user and global trends to steal money and personally identifiable information from unwary consumers.

Threat actors have also leveraged malicious domains and URLs to trick prospective victims into downloading malicious attachments in the form of invoices and credit card transactions that usually trigger an emotional response from recipients.

Our antispam and antimalware filters also flagged a particular malicious campaign where the spammers impersonated popular international hotel chains and tour operators to deliver credential-stealing trojans. Names of impersonated brands include Accor Hotels, Panorama Tours, Meritus Hotels and others.

Financially motivated threat actors often leverage brand reputation -- big hotel chains in this case -- to sneak past unwary recipients and compromise their data and steal their money. That’s why we always recommend caution and vigilance when dealing with travel-themed correspondence, whether it’s via email, instant messages, pop-ups or ads on social media platforms.

Although traditional spam ads promoting all-inclusive deals were not flagged as malicious, consumers who purchase travel deals via spam emails usually don’t get their money’s worth. A search of such travel offerings found bad reviews and complaints from most consumers in 2022, with some negative comments pointing to misleading descriptions, poor customer service, hidden fees and an inability to contact service providers.

If you plan to travel this summer, Bitdefender recommends you follow these essential guidelines to avoid scams and financial compromise:

• Research before purchasing your holiday through an ad you see on social media, and never rely solely on positive reviews and high trust scores – they can be faked
• Check the offer for poor grammar, misspellings or inconsistencies – they are big red flags
• Use legitimate holiday platforms to search for accommodation, flights, and tours only, and avoid ads that promote too-good-to-be-true offers
• Never use wire transfers or cryptocurrency transfers to pay for your booking. Instead, use a credit card or PayPal account so you can easily dispute any fraudulent charges
• Use a local security solution with anti-fraud and anti-phishing filtering systems to ensure you won’t land on a phony website
• Never give out your credit card number or sensitive data during a phone call with a travel agency. If the individual insists you provide the information, it’s 100% a scam
• Don’t click on unsolicited links or attachments no matter how good the deal sounds
• Always make sure that the deal or accommodation exists before making payments
• If you’re calling a travel agency to book your next trip, don’t provide your credit card information or any sensitive information during the phone call. If the person or agent insists that you give these details or risk forfeiting your spot, it’s a scam

Start prioritizing your digital safety by opting for our comprehensive 3-in-1 security and privacy solution to protect all your devices from malicious and fraudulent activity no matter where your travels take you. With Bitdefender Premium Security, you get award-winning antimalware protection and benefit from advanced anti-fraud and anti-phishing filtering systems that warn you whenever you visit a website that may try to scam you. You also get a powerful VPN with unlimited traffic for your PC, smartphone and tablet plus a handy Password Manager to help you store your sensitive data passwords.

Note: This article is based on information courtesy of Bitdefender Labs.