When COVID-19 travel restrictions eased as countries tried to re-open borders to travelers, researchers at Gemini Advisory observed that the sale of travel services — both legal and illegal — started to increase, opening up more opportunities for cybercriminals to monetize stolen payment card data.
For those not really knowledgeable about travel services fraud, Gemini provides a quick overview:
The premise of this fraud scheme is to make fraudulent purchases on well-known booking sites or through travel service providers, and then to direct customers to send payments to cybercriminals’ accounts. Underground forums and Telegram channels provide a platform for cybercriminals to advertise their travel services, which includes booking flights, hotels, rental cars, and other services associated with travel. Fraudsters typically offer their travel services at a significant discount, attracting not only cybercriminals but also regular travelers who are unaware of the fraud scheme.
How cybercriminals commit travel service fraud. Image credit: Gemini Advisory.
Cybercriminals offering travel services typically list which booking services can be used, such as booking.com, airbnb.com, and others. The customers can then choose where and when they want their bookings to be. As an example, a customer could choose a $1,000 booking at a hotel in Vietnam, send the booking to the cybercriminal, and the cybercriminal would offer to complete the booking
for $500 (50% discount).
(And here you thought you were just lucky to find a great discount, right?)
Some services may even work through a guarantor, which gives them an added impression of credibility. And some services may post pictures on their forum or Telegram channel of vacationing customers that show the service’s name to further create the impression that the services will actually be provided.
While legitimate booking sites employ a variety of anti-fraud measures, cybercriminals have their own tactics and exploits to defeat anti-fraud systems. These methods are described in Gemini’s full report, which you can read at https://geminiadvisory.io/travel-services-fraud/. It’s somewhat fascinating to read how determined criminals figure out how to evade detection or bypass protections.
But if your only interest is as a consumer who doesn’t want to be swindled, then remember that if you’re shopping for a travel deal and something seems too good to be true, it probably isn’t true.
