SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Spammers phishing tourists with travel-themed lures - Bitdefender
Fri, 20th Jan 2023
FYI, this story is more than a year old

Spammers are phishing eager holidaymakers with travel, themed lures, according to new research from Bitdefender Antispam Lab.

Bitdefender says cybercriminals have set their sights on exploiting eager travellers in 2023, which is at least partly in response to global tourism being expected to grow by 30% this year.

The latest Bitdefender Antispam Lab telemetry presents notable travel-themed spam campaigns aimed at stealing data and financial information from unsuspecting individuals, which the company's researchers first detected on December 20, 2022, and continued throughout the holiday period and beyond.

The company says spammers targeted English-speaking recipients, with the research finding that 53% of correspondence targeted US inboxes.

Additionally, Ireland received 10%, India 6%, the UK and Africa 5% each, and Germany got 4%.

Scammers also targeted other European countries, such as France, Sweden, Denmark and Italy.

Bitdefender Labs' researchers also found that just 40% of travel-themed spam emails arriving in inboxes over 30 days were marketing lures.

The 60% left was marked as scams, including some that used the names of prominent airlines to feign authenticity and access users' sensitive information and travel rewards or loyalty accounts.

The list includes Southwest Airlines, Ryanair, Lufthansa, Air France-KLM and American Airlines.

Travel rewards programs and gift cards are among the most exploited subjects, and examples include:

  • Congratulations! A United Airlines reward has arrived!
  • Congrats! You've received a Southwest Airlines reward
  • Shopper, You can qualify to get a $90 American Airlines gift card!
  • Confirmed Your American Airlines Reward

Airline loyalty programs are a particularly desirable digital asset for cybercriminals because they hold a range of personally identifiable information on travellers and airline points that criminals can monetise on the dark web.

For example, phishing emails pretending to be from German carrier Lufthansa urged recipients to complete a form to redeem 24 euros worth of miles.

Further, a second campaign told individuals about suspicious transaction attempts on their accounts that the scammers say led to the temporary restriction of their credit cards.

Most giveaway and survey scams offer recipients free miles and gift cards ranging from $90 to £500.

Moreover, scammers also predict consumer behaviours and incentives that will prompt them to book or buy travel packages.

An example of this was a fake survey aimed at stealing personal and financial information from users.

The company's Antispam Lab findings come after Bitdefender released a decryptor for the MegaCortex ransomware family.

This decryptor was built in cooperation with Europol, the NoMoreRansom Project, the Zürich Public Prosecutor's Office and the Zürich Cantonal Police.