There are now more reports that travel sites have become the target of sophisticated phishing scams, with some customers reporting suspicious emails and texts appearing to be from Booking.com. The messages request advance payment for flights and hotels, with many including details like booking references to make them seem more legitimate.
The scam was first detected by Perception=Point – a cybersecurity company – who warned that customers should monitor their accounts to look for odd transactions and to make other checks when receiving messages, like clicking on the target link to see if it’s real.
The National Security Agency recently highlighted an emerging trend where scammers are extending their reach into messaging platforms that were previously considered safe. The agency advises consumers to exercise heightened caution when receiving messages on platforms like Slack, Teams, Signal, WhatsApp, iMessage, and Facebook Messenger.
These attacks often aim to trick users into revealing their login credentials or clicking on harmful hyperlinks or attachments that deploy malware.
Here are some more tips to help consumers protect themselves:
- Check for Secure Websites: Ensure that the website’s URL begins with “https://” instead of “http://,” indicating a secure connection.
- Verify Website Reputation: Look for reviews and ratings from reliable sources or previous customers. A lack of reviews or excessively positive feedback may be a red flag.
- Research the Company: Investigate the travel agency or booking site separately. Verify their contact information, and physical address, and check if they are registered with relevant authorities.
- Be Skeptical of Unrealistic Deals: If a deal seems too good to be true, it probably is. Scammers often lure victims with unrealistically low prices to entice them into making hasty decisions.
- Double-Check Payment Methods: Use secure payment methods, such as credit cards or reputable payment platforms.
- Look for Clear Policies: Ensure the website has transparent terms and conditions, including cancellation policies, refund procedures, and other relevant information.
- Verify Contact Information: Legitimate sites provide multiple ways to contact them.
- Beware of High-Pressure Tactics: Scammers often use urgency to push travelers into quick decisions. Be wary of countdown timers, limited availability claims, or persistent pop-ups.
- Check for Trust Seals: Look for industry-recognized trust seals, such as SSL certificates or certifications from travel associations, to verify the legitimacy of the site.
- Review the URL: Watch out for slightly altered URLs or misspellings of well-known travel sites. Scammers may create fake websites with URLs that resemble popular booking platforms.
- Monitor Your Bank Statements: Regularly check your bank and credit card statements for any unauthorized transactions, especially after making online bookings.
- Use Official Apps: Whenever possible, use official mobile apps provided by reputable travel companies instead of relying solely on websites.
By following these precautions, travelers can minimize the risk of falling victim to scams when using holiday booking sites.