As the summer travel season approaches, scammers are trying to make a quick buck off your expenses and getaway plans. A new survey from cybersecurity firm McAfee found that 38% of Americans have experienced a travel-related scam. Of those who did, 41% lost money — and nearly half of that group lost more than $500.
Fake booking confirmations and travel updates were among the most frequently identified scams in the survey of 1,000 people. Messages can look incredibly realistic, using familiar brand names and design cues from airlines, hotels and booking sites. Research from McAfee Labs also shows that popular travel brands like TripAdvisor are being manipulated, making it difficult for consumers to tell what’s real from what’s fake.
The goal of scammers is to scare travelers just enough to make them click before they think. 90 percent of travelers say they feel pressured to book quickly. Naturally, scammers engineer their messages to increase that pressure, pressuring consumers to act before they miss out on the deal. McAfee also found that 41% of travelers trust messages that appear to come from airlines or hotels without double-checking them first.
The safest way to avoid booking scams is to never act directly based on a text message or email, even a convincing one. Open your airline, hotel or booking system separately and check your booking there. If something is really wrong, it will show up in your account.
If you need customer service, look up the number through the official website or app. Scammers may pretend to be airline or hotel support and ask for payment information or check-in information.
Some current scams to watch out for
A fake AI hijacker
AI voice processing has given fraudsters the ability to make a stranger sound like someone they know. A recent incident showed how quickly it can work, leading a Bay Area mother to put up a $5,400 bond to win her daughter’s freedom — except her daughter was never in danger in the first place.
Deborah Del Mastro received a call from an unknown number one morning earlier this month. An unidentified man’s voice said his 37-year-old daughter had been kidnapped by a Mexican drug cartel. He then played what Del Mastro believed was evidence: his daughter’s voice, terrified and crying, saying she was afraid and loved him.
But it wasn’t true. Fraudsters used AI to synthesize his daughter’s voice. Del Mastro spent hours following the caller’s instructions before wiring the requested $5,400 to an account in Mexico. But when he got to the place where he was told that his daughter would be released, he did not find her.
Del Mastro then called his daughter, who answered the phone saying she was at work.
Erin West, who works on these cases with the global non-profit Operation Shamrock, says fraudsters can piece together voices using just a few seconds of audio, often taken from social media or phone calls. He also told a local news station that this type of scam is growing rapidly. “It’s getting worse, and will continue to get worse with the use of AI and deepfake technology.”
His advice is to establish a family code name that only you and your loved ones know, to confirm the identity of the caller in times of panic. When you get a call like this, avoid the urge to act quickly. The pressure to move quickly is the cheater’s main weapon.
Fake bill and invoices
In March, New York prosecutors announced that a Florida man had been sentenced to more than six years in prison for sending small businesses what looked like ordinary web hosting bills. Invoices used to cost $180 – low enough that a busy office could pay without asking too many questions. But prosecutors say Robert W. Lederhilger III mailed nearly three million of them over the past few years, defrauding tens of thousands of victims out of a total of $9 million.
The case shows why the FTC recently warned small businesses to slow down before paying unexpected debt. Fake invoices may arrive by post or email, and often claim to cover vague services such as technical support, domain registration, web hosting or search engine optimization. Some are designed to collect money directly, while others are phishing attempts aimed at breaking into company systems.
Before paying, match every invoice with an approved purchase order or vendor record. If the company name is unfamiliar, look it up separately and look for complaints. And if the invoice includes a phone number or payment link, don’t use it until you’ve verified the company through an official source. Suspicious invoices can be reported at ReportFraud.ftc.gov.
Protect your digital life: See the current Lifelock identity theft plans and get your first year of the standard plan for just $7.99 per month.
The most common types of scams you should be aware of
Fraudsters are always upping their game, coming up with new and (their) fun ways to trick their targets. AI-powered scams are one example of this; technology is used to reach a large number of people with increasingly convincing techniques
But some tricks never go out of style. Most scams fall into a few common patterns, and many long-standing schemes are still a threat today. They have recently evolved to better fit today’s digital environment
- Fraudster scams: Fraudsters often pose as trusted figures such as government agencies, banks, employers and even friends or family to pressure victims into sending money or sharing personal information.
- Phishing and fraud: These scams use emails, texts or phone calls that appear to be from legitimate organizations. The goal is to trick you into clicking a malicious link, downloading malware or providing sensitive information
- Online shopping scams: Fraudsters can create fake online stores or listings with hard-to-find items at unusually low prices. After paying for an article, what you end up getting may be fake – or it may never arrive in the first place
- Investment scams: This type of scam often comes with promises of high returns from crypto, forex or other “exclusive” opportunities. Many involve long-term make-up schemes where victims are encouraged to invest more money over time before losing it all
- Scams in love:Some scammers try to get into your pocket by heart. They build relationships with you on dating apps or social media, then convince you to give up money and assets by creating contingency or investment opportunities.
Plans for everyone: Explore Aura identity theft options for you and your family, starting at $9 per month when you pay annually.
What to do if you are a victim – or the victim of a scam
No one is immune to fraud or embezzlement, but a few consistent practices can reduce their risk and the damage they cause.
First, be suspicious of unsolicited messages, especially those that create fear or urgency. This could look like an email from your bank threatening to close your account, a text from an online marketplace saying you’ll lose your rebate or a call from the IRS saying they’ll report you to the authorities unless you “act now.”
Scammers like to use this type of language because it puts you in a position, which they expect will move you to action.
Always confirm any requests from the organization by checking their official phone numbers, email or website. And don’t click on any links, download email attachments or reply to messages you suspect are fraudulent. A legitimate organization will not pressure you into immediate action or secrecy
Now, if you’ve already sent financial information or money to someone you suspect is a scammer, you’ll need to take a few steps to protect your data and possibly get your money back. Contact your bank, credit card company or payment platform immediately and try to stop or reverse the transaction. Be sure to change any passwords and enable multi-factor authentication to protect your accounts as well.
Reporting a scam can also help protect others. You can file a report with the Federal Trade Commission and local authorities at the nearest police department or sheriff’s office. Victims of identity theft should also consider temporarily freezing their credit
Finally, review your financial statements and credit reports regularly, keep your software up to date and limit how much personal information you share online. Fraudsters often rely on publicly available information to make their schemes more believable
More from Mali
How to Protect Yourself from Card Skimmers at ATMs and Gas Pumps
The Best Tools for Identity Theft Protection
Best Credit Monitoring Services
