Actu
Expert comment on rising travel scams
June 2024 by Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions
Booking.com’s internet safety boss, Marnie Wilking, who said there had been anywhere from a 500 to a 900% increase in the past 18 months.
She further added, there had been a particularly marked increase in phishing - where people are tricked into handing over their financial details - since generative AI tools like ChatGPT burst onto the market.
Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity, says, "The statement from Booking.com is unsurprising as we are already seeing a rapid rise in travel scams across the globe. AI has brought in many benefits, but it has certainly posed serious security risks for consumers and businesses alike, both of which are already grappling to avoid advanced online threats.
AI is well and truly in the cybersecurity spotlight, given it can be used by both attackers and protectors in a multitude of ways. For cyber criminals, they can use AI as a tool to support their attacks and make phishing attempts look more legitimate. AI also significantly enhances targeted attacks like spear phishing. Previously, attackers had to manually select and research targets for susceptibility to social engineering. Now, AI can automate this process, identifying likely victims and crafting convincing phishing lures. This lowers the barrier to entry, allowing even less sophisticated actors to launch effective, lucrative campaigns.
AI also can generate believable deepfake audio and video to help scammers to achieve their goals, and AI even can accelerate exploit development. Traditionally, exploiting software vulnerabilities required high expertise to interpret and exploit CVEs (Common Vulnerabilities and Exposures). Now, AI models have been shown to generate exploit code directly from CVEs, speeding up the process and enabling more actors to engage in exploit development, leading to increased data theft and ransomware attacks.
As AI becomes more pervasive and impactful, society is justifiably becoming more concerned with its implications and unintended consequences. As an AI fan, I want to see it deployed widely in positive ways, but its trust needs to be earned, and whenever bias or misuse occurs and makes the news, that trust is degraded.
To stay protected online, never share personal information, bank details, or home address with someone you don’t know or an organisation you don’t fully trust. Use your instincts—if something feels off, it’s better to be cautious and avoid clicking on links that seem suspicious. Purchase services only from reputable firms and ensure that you are truly dealing with that firm, not a lookalike phishing site.
It’s equally important for businesses to continuously improve their own security measures, to deter fraudulent activities, raise awareness and keep their customers safe."
