“We’ve seen time and time again how scammers capitalize on people’s eagerness to travel as well as their desire to travel affordably,” said Steven Scheurmann, Regional Vice President, ASEAN, at Palo Alto Networks. “The travel industry is especially attractive for scammers as it is a huge source of sensitive and personal data, including stolen usernames, emails, and passwords, as well as customer data such as identity, payment, and contact information, which means both travellers and travel companies need to be very cautious.”
According to Palo Alto Networks, some of the most common travel-related scams include:
●
The use of malicious domains and URLs that impersonate well-known brands and
websites.
●
Phishing emails/SMS/WhatsApp texts to end
users to trick them into either downloading malicious attachments or APK files
or clicking on links that lead to malicious website pages or attachments.
Threat actors use themes that invoke a sense of urgency (such as outstanding
invoices) or emotional appeal to the end users with homecoming-themed emails as
we approach Eid).
● Offering a “shadow travel agency” service, they reach out to travellers through various social media platforms, providing travel-related bookings at heavily discounted prices. While travellers transfer clean money to the “shadow travel agency,” the “shadow travel agency” pays the actual service providers, such as hotels or airlines, with stolen payment information. Due to the time gap in payment processing, service providers only realize they have been defrauded when they see the disputed card transactions or chargebacks weeks or months later.
Meanwhile, organizations must implement security awareness training to improve employees’ ability to identify fraudulent emails, ensure that their organization’s data is regularly backed up as a defense against ransomware attacks initiated via phishing emails, enforce multi-factor authentication on all business-related logins as an added layer of security, and implement an end-to-end cybersecurity solution that allows for advanced URL filtering that detects unknown, newly malicious URLs quickly, identifies known samples as malware, and tracks related malware activities.
“Scammers and
attacks may affect the individual traveller, major travel corporations, as well
as small travel agents and operators—which means everyone needs to stay
vigilant in implementing ways to avoid these threats. As Filipinos travel to
celebrate Holy Week and spend time with their families, they must also remain
aware and cautious of malicious actors to stay safe amid the holidays,” closed
Steven.
----------------------------------------------------
About Palo Alto Networks
Palo Alto Networks is the world’s cybersecurity leader. We innovate to outpace cyber threats so that organizations can confidently embrace technology. We provide next-gen cybersecurity to thousands of customers globally across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we’re committed to helping ensure each day is safer than the one before. It’s what makes us the cybersecurity partner of choice.
At Palo Alto
Networks, we’re committed to bringing together the very best people in service
of our mission, so we’re also proud to be the cybersecurity workplace of choice,
recognized among Newsweek’s Most Loved Workplaces (2021), Comparably Best
Companies for Diversity (2021), and HRC's Best Places for LGBTQ Equality
(2022). For more information, visit www.paloaltonetworks.com.
No comments:
Post a Comment