Palo Alto Networks team Unit 42, which monitors cyber risks 24/7 worldwide, reveals:

Fraud attempts related to online travel transactions increased in 2023

Anna Chung, the lead researcher of Unit 42, the intelligence unit of the global cybersecurity leader Palo Alto Networks, highlights a significant increase in phishing attacks along with the surge in travel and holiday spending during the summer months. Chung shares some measures to counter these attacks and provides cybersecurity consulting to law enforcement officials in Europe.

With the closure of schools, many families are flocking to airports and other transportation hubs to go on vacation. Data indicates a substantial increase in holiday spending compared to 2022. For example, in the EMEA region, including Turkey, there has been a 27% increase in package holiday bookings compared to the previous year, and airline ticket sales have risen by 36% in the first three months of 2023 (Cardlytics).

Attacks doubled compared to the end of last year!

As holiday spending rises, so does the alarming fact of an increase in phishing attacks that disguise themselves as travel brands to steal money and personal information. Anna Chung, the lead researcher of Palo Alto Networks’ Unit 42, predicts through a new analysis on travel-related phishing attacks that these cybercrime incidents will be much higher compared to the previous year. According to the analysis, phishing attacks peaked in April 2023 in the same region, doubling the number from the peak in December 2022.

Anna Chung, who provides cybersecurity consulting to law enforcement officials in Europe, explains how holidaymakers are targeted:

“The most common phishing attempts involve scammers impersonating well-known brands and service providers. This tactic makes their fraudulent activities more successful, as users may mistake these phishing sites for official service provider websites. Such attacks expose individuals to risks such as financial loss, data breaches, or account takeovers, while also damaging the reputation of travel service providers. Moreover, it’s crucial to highlight that there is a significant presence of fake travel companies operating on the Dark Web and other underground marketplaces. These scammers often offer hotel reservations, car rentals, and airplane tickets/tours at discounts of up to 60%. Many victims make payments using stolen information through well-established travel booking websites.”

Considering the rising trend of phishing attacks in 2023, Chung emphasizes that passengers and the travel industry continue to be lucrative targets for fraudsters, necessitating vigilance from everyone, including the travel sector, due to the development of AI-supported phishing tools and techniques.

Anna Chung offers the following advice for those seeking holiday opportunities:

1. Be cautious when clicking on links or attachments in any suspicious email messages, including those related to account settings or personal information, or those evoking a sense of urgency.
2. Verify the sender’s address in suspicious emails in your inbox.
3. Double-check the URL and security certificate of every website before entering login information.
4. Report any attempts you suspect to be phishing attacks.