How Cybercriminals Are Capitalizing on Travel Cancellations
Much of the world currently is subject to at least some form of travel restrictions. Not surprisingly, the travel industry — airlines, hotels, car rental agencies, cruise ships, and businesses operating in popular tourist destinations — has been devastated by the novel coronavirus (COVID-19) pandemic.
Fraud perpetrators know from experience that chaotic and confusing situations provide the perfect conditions for successful scams. With both travel companies and travelers wrestling with the effects of trip cancellations and uncertainty regarding future travel, criminals are concentrating their efforts on stealing — and profiting from — data. What can you do to protect yourself from becoming a victim? Familiarize yourself with these recent scams.
Social Media Mistakes
If you've had to cancel a scheduled trip, you probably know that many travel service providers' call centers have been overwhelmed in recent months. As a result, some travelers have turned to social media to request assistance, and, to speed up the refund process, posted their travel itineraries and personally identifiable information.
Such public sharing generally is a mistake. Although it may get the attention of a travel company, it also exposes data to fraud perpetrators. Criminals can sell your travel details on the Dark Web or use it themselves to engage in identity theft. So if you need to discuss a reservation with an airline or other service, continue calling and waiting on hold until you get a representative on the phone.
Loyalty Program Liabilities
Many travelers enrolled in loyalty programs to earn rewards from their travel activity have also shared these details online to facilitate refunds. But criminals can use that information to access your loyalty account and steal additional data housed in that account. For example, your loyalty account probably contains your mailing and email addresses, phone numbers, and even your credit card numbers — a gold mine for fraudsters.
Criminals can also redeem your points for free flights or hotel stays. Or they might sell the points to third-party businesses that trade in loyalty program points.
Key to Multiple Accounts
Although most people know they're not supposed to recycle or duplicate passwords across online accounts, most users do. Therefore, if a criminal gains access to one account and its password, they often gain the key to opening other accounts. Once in an account, the hacker can assume control and initiate a password reset so that you no longer have access.
Thus begins an online crime spree. Most cybercriminals move quickly because they know it's only a matter of time before you, a bank, credit card company or other service provider notices that something is awry.
As you can see, sharing what may seem like innocent travel details online can open a Pandora's box. But in this case, it's easy to foil financial predators. In addition to contacting companies directly:
- Never share travel-related data on publicly viewable social media pages. If you must use social media applications, contact the travel company via the service's private message system.
- Consider adopting a password manager (generally free to use) to ensure you use unique passwords for all of your online accounts.
- Prevent unauthorized access or changes to your account by enrolling in multi-factor authentication. This requires you to log in to accounts using more than one method — for example with a saved password and a one-time password sent to your phone or email address.
- Monitor your bank, credit card, and loyalty account statements for suspicious activity. If you have questions about an item, contact the bank or service provider immediately.
Many financial service providers will place a fraud block or freeze on accounts that have potentially been compromised. If you're concerned that your information has fallen into the wrong hands, ask about placing such freezes on accounts and on your credit reports.
Don't Let Your Guard Down
The negative effects of the COVID-19 pandemic are likely to be with us for longer than we'd wish. Fraud perpetrators, on the other hand, are happy to keep the "party" going as long as possible. Be sure you don't let your guard down in this fraught environment.