Holy Week is one of the peak travel seasons in the Philippines. The Civil Aviation Authority anticipates two million passengers to fly domestically to observe the holiday. With this many prospective Filipinos travelling simultaneously, there is expected to be fierce competition for travel tickets and bookings and good deals through online travel agents and apps. Meanwhile, scammers see this as an opportunity to be exploited, particularly through social engineering and phishing. Attackers target individuals and groups during this time as individuals are focused on family time and religious practice, and organizations have lesser manpower for security. In response, Palo Alto Networks, the global cybersecurity leader, shares insights and solutions to address this increasing cyber risk during Holy Week.
“We’ve seen time and time again how scammers capitalize on people’s eagerness to travel as well as their desire to travel affordably,” said Steven Scheurmann, Regional Vice President, ASEAN, at Palo Alto Networks. “The travel industry is especially attractive for scammers as it is a huge source of sensitive and personal data, including stolen usernames, emails, and passwords, as well as customer data such as identity, payment, and contact information, which means both travellers and travel companies need to be very cautious.”
According to Palo Alto Networks, some of the most common travel-related scams include:
The use of malicious domains and URLs that impersonate well-known brands and websites.
Phishing emails/SMS/WhatsApp texts to end users to trick them into either downloading malicious attachments or APK files or clicking on links that lead to malicious website pages or attachments. Threat actors use themes that invoke a sense of urgency (such as outstanding invoices) or emotional appeal to the end users with homecoming-themed emails as we approach Eid).
Offering a “shadow travel agency” service, they reach out to travellers through various social media platforms, providing travel-related bookings at heavily discounted prices. While travellers transfer clean money to the “shadow travel agency,” the “shadow travel agency” pays the actual service providers, such as hotels or airlines, with stolen payment information. Due to the time gap in payment processing, service providers only realize they have been defrauded when they see the disputed card transactions or chargebacks weeks or months later.
Meanwhile, organizations must implement security awareness training to improve employees’ ability to identify fraudulent emails, ensure that their organization’s data is regularly backed up as a defense against ransomware attacks initiated via phishing emails, enforce multi-factor authentication on all business-related logins as an added layer of security, and implement an end-to-end cybersecurity solution that allows for advanced URL filtering that detects unknown, newly malicious URLs quickly, identifies known samples as malware, and tracks related malware activities.
“Scammers and attacks may affect the individual traveller, major travel corporations, as well as small travel agents and operators—which means everyone needs to stay vigilant in implementing ways to avoid these threats. As Filipinos travel to celebrate Holy Week and spend time with their families, they must also remain aware and cautious of malicious actors to stay safe amid the holidays,” closed Steven.