A goldmine for scammers, Booking site sounds the alarm on AI-related travel scams

A goldmine for scammers, Booking site sounds the alarm on AI-related travel scams
A goldmine for scammers, Booking site sounds the alarm on AI-related travel scams

Marnie Wilking, head of information security at Booking, believes that generative AI has caused an explosion in phishing scams and that the hotel and restaurant sector , long spared, has also become a target.

“Over the past year and a half, all industries combined, we have seen an increase of 500 to 900% in attacks, particularly ‘phishing’, throughout the world”says Ms. Wilking on the sidelines of the Collision technology conference in Toronto.

“Phishing” consists of the theft of identity or confidential information (access codes, bank details, etc.) by subterfuge, via a link contained in an email.

An authentication system is simulated by a malicious user, impersonating official bodies, such as banks, delivery platforms or customs authorities.

The objective is to convince the victim to visit the fraudulent site – which resembles the authentic site – so that they enter confidential information.

A gold mine for scammers

Travel websites can be a goldmine for phishing scammers, as travelers often need to provide credit card details or upload identification.

If phishing already existed through electronic messaging, this expert notes that “the increase started shortly after the launch of ChatGPT”at the end of 2022, which generates content on a simple request in everyday language.

Hackers “are undoubtedly using artificial intelligence to launch attacks that mimic emails far better than anything they have done so far”believes Ms. Wilking.

Thanks to generative AI tools, scammers can now work in multiple languages ​​and with better grammar than before, Wilking said.

To do a favor for a so-called customer, a hotelier “will probably open the attachment”which is actually malware, which “enjoy the helpful nature” of the sector.

“False properties”

To stay safe, travelers and hosts should sign up for two-factor authentication when surfing the internet.

In addition to providing a username and password, two-factor authentication requires users to verify their identity through an additional factor, such as a one-time code sent to their mobile device or generated by an authenticator application.

“I know it can be a bit of a pain to set up.”admits this expert, believing that this additional step “remains by far the best way to combat phishing and credential theft.”

“Don’t click on anything that seems suspicious” And “If you have any doubts, call the property, hosts and customer service”she advises.

AI models to detect scams

For Marnie Wilking, the Booking site and other major players in the sector are cooperating closely by relying more and more on AI in this fight, which contributes, for example, to thwarting the proliferation of false properties on platforms published in a price well below the market.

“We have artificial intelligence models in place to detect these scams and either prevent them from the start or remove them before there are any bookings”explains this woman with round colored glasses.

Still marginal for the moment, travel sites have seen a proliferation of alleged state actors – believed to be Russia and China – accused of carrying out malicious acts online or spying on customers.

“Why would a nation state go after a hotel chain? If it’s a hotel chain that they know is frequented by a U.S. senator, why wouldn’t they go after She ?”she points out.

-

-

PREV Demonstration in support of Duralex in Orléans: “The court must make the right decision”
NEXT Stoppage of gas transit via Ukraine redefines LNG routes