Booking.com’s Warning Emphasizes MFA to Beat Travel Scams
Traveltech platform, Booking.com, has raised alarm over the sharp spike in travel scams. The scams are fueled by AI. The Booking.com travel scams warning comes at a time when the summer travel season is just starting.
Channel News reported that phishing attacks trick people to share financial details. Attackers do this by sending convincing fake booking links to victims.
AI Tools
Marnie Wilking, the Internet Safety Boss at Booking.com highlighted the sharp increase in travel scams during the Collision Technology Conference in Toronto. She noted that over the last 18 months, the travel scams have increased by 500% to 900%. According to Wilking, generative AI tools like ChatGPT are contributing to this increase.
“Of course, we’ve had phishing since the dawn of email, but the uptick started shortly after ChatGPT got launched. The attackers are using AI to launch attacks that mimic emails far better than anything that they’ve done to date,” she said.
Mimicking Legit Companies
Legit travel companies like Booking.com and AirBnB allow users to list their hotels or homes. Scammers are increasingly mimicking these companies. They send convincing emails with ‘booking’ links to unsuspecting travelers.
The links direct email recipients to malicious websites that look legitimate. On these websites, people can enter their payment details to ‘book’ their trip. But after payment is completed, the scammers disappear and leave their victims stranded. Some scammers send their victims follow-up emails in an attempt to get more money from them.
Previously, scammers have used a refund trick to defraud travelers. They sent phishing emails to Booking.com customers. The emails claimed that customers had been charged double for their transactions. A downloadable refund application form was included in the phishing emails. Scammers accessed the banking details of customers who downloaded the form.
TellTale Signs
Scams are not new in the travel industry, they’ve been around for many decades. Previously, travelers could identify travel scams by checking grammar errors and spelling mistakes in emails.
But this has changed. Wilking said that generative AI is making it difficult to detect phishing emails. Scammers can generate more accurate text and realistic emails using AI. Even worse, they are doing so in many languages.
The best way to overcome credential theft and phishing is to adopt multi-factor authentication. This extra security check allows travelers to receive codes on their phones to verify their identities.
Although scammers now use AI to defraud travelers, travel companies are using it to fix the problem. Booking.com is using AI to pull down fake hotels that have attempted to scam travelers from its website.
“We’ve set up AI models to detect those and either block them from getting on there to begin or take them down before there’s any booking,” Wilking added.
Avoiding Scams
Following the Booking.com travel scams warning, travelers should be more vigilant when clicking links. Travel expert, Jane Hawkes says travel companies should create more awareness on travel scams. Travelers should also double and triple check booking sites.
“Check that contact details are readily available on websites and that there is a telephone number – many scam sites purposely don’t have one,” she suggested.
Hawkes advised travelers to book hotels and flights together. They can use credit cards to protect themselves.