Hospitality Industry Under Attack For Credentials, PII Theft

Researchers found that the hospitality industry is the most susceptible to cyberattacks. The study, which analyzed logs from November 2017 to March 2018, found that fake accounts and intrusions via botnets targeting hotel, airline, cruise, and travel websites have increased in particular countries. Out of the 112 billion bot requests and 3.9 billion malicious login attempts on the targeted sites analyzed, almost 40% of the attacks came from “browser impersonators” or known fraud vectors.

These sites are a lucrative source of income for organized crime groups because of the personally identifiable information (PII) stored and processed by these establishments. From credit card data to proofs of identity required by local laws, stolen PII can be sold in bulk for low prices in the underground market, or simply used to rack up fraudulent purchases. Further, identity credentials can be used to access other possible online accounts, given individuals’ tendencies to reuse usernames and passwords for multiple online accounts. Businesses such as hotels and airlines also provide customer incentive systems that hackers can abuse.

[Read: Travel Hacks: How cybercriminals tour the world on the cheap]

The researchers caution that since threat actors consider the hospitality sector “low-hanging fruit,” establishments in the industry should be diligent with their security. They also warn that travelers must be on guard whenever they use public facilities such as wi-fi hotspots, as these are known attack vectors for delivering malware or for network infiltration.

As the world grows more connected with the conveniences offered by online transactions and data storage, enterprises and individuals should ensure that their data and assets are protected from malicious actors seeking to steal data to make a profit. Beyond affecting vital infrastructure, data theft can also compromise the victims' privacy. Here are a few suggestions to make sure your systems are secured:

For enterprises:

  • Be wary of foreign nationals purchasing or making reservations for citizens registered in other countries, or customers using different names but with the same billing address.
  • Be cautious of agencies that book outside their time zone’s working hours. Most legitimate travel agencies do not book for their clients outside their respective geographical time zones.
  • Educate employees and partners about current trends in cyberthreats. Spread awareness of social engineering tactics, and enforce guidelines for employees to follow once they identify these types of threats. Coordinate with law enforcement agencies when suspicious transactions are spotted.
  • Install a multi-layered security system to ensure safety from the gateway to the endpoint. Data breaches not only damage the business operations’ infrastructure; they can also destroy the enterprise’s reputation.
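
The first two enterprise checks above can be expressed as review rules over booking records. The following Python is an added example, not code from the article or the researchers; the record fields, the 08:00 to 19:00 working window, the reading of the first bullet as a payer/traveler country mismatch, and the sample bookings are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta, timezone

WORK_START, WORK_END = 8, 19  # assumed agency working hours, local time, [start, end)

# Constructed sample bookings (made-up values); agency_utc_offset is None for direct customers.
BOOKINGS = [
    {"id": "B1", "payer": "Ann Lee", "payer_country": "US", "traveler_country": "US",
     "billing": "12 Oak St, Austin TX", "agency_utc_offset": None,
     "booked_utc": "2018-03-01T15:00:00"},
    {"id": "B2", "payer": "Bob Ray", "payer_country": "US", "traveler_country": "US",
     "billing": "12 Oak St., Austin, TX", "agency_utc_offset": None,
     "booked_utc": "2018-03-01T16:10:00"},
    {"id": "B3", "payer": "Cy Dunn", "payer_country": "RO", "traveler_country": "US",
     "billing": "4 Elm Rd, Cluj", "agency_utc_offset": None,
     "booked_utc": "2018-03-02T09:00:00"},
    {"id": "B4", "payer": "Sun Travel", "payer_country": "SG", "traveler_country": "SG",
     "billing": "9 Bay Ave, Singapore", "agency_utc_offset": 8,
     "booked_utc": "2018-03-02T19:30:00"},
    {"id": "B5", "payer": "Sun Travel", "payer_country": "SG", "traveler_country": "SG",
     "billing": "9 Bay Ave, Singapore", "agency_utc_offset": 8,
     "booked_utc": "2018-03-03T02:00:00"},
]

def normalize(addr):
    """Lowercase and drop punctuation so trivially varied addresses compare equal."""
    return " ".join("".join(c if c.isalnum() else " " for c in addr.lower()).split())

def review(bookings):
    """Return {booking id: [reasons]} for bookings that need manual review."""
    names_by_addr = defaultdict(set)
    for b in bookings:
        names_by_addr[normalize(b["billing"])].add(b["payer"].lower())
    flags = defaultdict(list)
    for b in bookings:
        if len(names_by_addr[normalize(b["billing"])]) > 1:
            flags[b["id"]].append("shared_billing_address")
        if b["payer_country"] != b["traveler_country"]:
            flags[b["id"]].append("cross_country_purchase")
        if b["agency_utc_offset"] is not None:
            utc = datetime.fromisoformat(b["booked_utc"]).replace(tzinfo=timezone.utc)
            local = utc.astimezone(timezone(timedelta(hours=b["agency_utc_offset"])))
            if not WORK_START <= local.hour < WORK_END:
                flags[b["id"]].append("agency_off_hours")
    return dict(flags)

if __name__ == "__main__":
    for booking_id, reasons in review(BOOKINGS).items():
        print(booking_id, ", ".join(reasons))
```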

For individuals:

  • Purchase tickets and make reservations only from legitimate vendors, trusted agencies, or directly from the airline, hotel, or cruise ticketing companies.
  • Ensure that the details stated in purchased tickets are yours.
  • Pay close attention to the URLs of links sent to your email, as these may be social engineering attacks, especially during peak travel or holiday seasons. The embedded URL may be different from the legitimate company’s, and hovering over the links may show a different target URL address.
  • Enable 2FA on all your online accounts, especially for purchases.

[Read: Security 101: Protecting wi-fi networks against hacking and eavesdropping]

