During the holiday season, there will be an influx of travelers across the US visiting friends and family. As demand increases, there will be a dramatic increase in the cost of traveling. As a result, people will be looking for the best and cheapest deals available to them and cybercriminals will use this to their advantage. 

Cybercriminals are always on the lookout for opportunities to exploit trends and the holiday season is the perfect time for them to scam companies or individuals by offering fake or overly discounted travel packages such as flights, trains, hotels, rental cars, and even vacation packages. These scams often involve fake deals or online giveaways and surveys that claim to offer excellent tickets for surprisingly low prices, only to catch victims off guard when they arrive at the airport or train station to find the ticket they paid for does not exist. 

After falling for one of these scams, victims may discover that cybercrime groups have sold their stolen credentials and other sensitive information pilfered from travel-related websites. (Source: darkreading.com)

Laptop open to flight search with travel paraphernalia scattered next to the laptop. Hands are preparing to type.
Image by rawpixel.com on Freepik

Scammers can:

  • Set up a fake website
  • Use genuine websites to post fake ads for hotel rooms and holiday rentals
  • Offer fake accommodation and ticket packages
  • Reserve customers a fake reservation
  • Redirect users to their fake website by faking a legitimate URL
  • Capture network traffic by connecting to unsecured Wi-Fi networks accessed by users

It can be difficult to distinguish between a genuine or fake website as hackers are becoming experts at tricking organization security monitoring tools and using secure protocols such as https. There are many free or open source tools available on the internet to host a domain for cheap or free with a valid signed certificate. This gives hackers flexibility and makes them almost too anonymous to track as they delete the website after successfully scamming someone.

According to a recent report by McAfee Corp, “The research reveals 30% of adults have fallen victim or know someone who has fallen victim to an online scam while trying to save money when booking travel. 34% of those who had money stolen have lost over $1,000 before their trip has even begun, while 66% lost up to $1,000.” 

Based on 2022 Federal Trade Commission reports, more than 65,000 consumers lost a combined total of $105.1 million in vacation, travel and timeshare scams. However, there are ways to prevent yourself from being scammed.


What can I do to avoid becoming a victim of a travel scam?

  • Be wary of suspiciously low prices when searching online or travel tickets.
  • Travel ads on websites are most likely malicious, so do not click on them.
  • Always check the spelling of a URL to ensure it is genuine.
  • Always check that a link is taking you to an official website by hovering over the URL with your mouse.
  • When booking tickets, you should only use the travel company’s official website.
  • Use third-party digital wallets (such as PayPal, Apple Pay, or Google Pay) for purchases as they may reduce the chances of your payment information being stolen.
  • Research the travel booking business before purchasing.
  • Beware of emails or texts from senders you do not recognize.
  • Do not give your credit card information over phone call, email, or SMS to any person or business.

As we gear up to spend the holiday season with our loved ones, staying vigilant and informed can help ensure our travels are free from the pitfalls of travel scams, allowing us to fully enjoy the cherished moments with family and friends.