While travel scams are common occurrences, with new research reporting that 1 in 5 Americans are falling victim to a travel scam while booking their next trip, travel advisors, who often work with sensitive information like credit card numbers and passport numbers, are also just as likely to fall into scams, be hacked or face other cybersecurity threats.
With the proliferation of AI across the web, threat actors can now make malicious emails sound more convincing, create websites or links that look legitimate and can even mimic people’s voices over the phone.
Jay Johnson, President of Coastline Travel Group, has found many of his travel advisors becoming unfortunate victims of hacks and scams—sometimes costing them upwards of $80,000 or locking them out of their emails until a ransom is paid.
“There’s a lot of scams out there right now, and they seem to be targeting the agency community…” said Johnson. “With the advent of AI, it can be harder and harder to see which one’s a scam and which one’s not.”
According to Travel Industry Solutions, Booking.com alone saw a 500 to 900 percent increase in travel scams during the past two years or so, largely due to AI. TIS has released its own fraud prevention tool built specifically for travel advisors this year.
Ways to Stay Safe From Scams and Hacks as a Travel Advisor
Frustrated travel advisor. (Photo Credit: Adobe Stock/Elnur)
So how, in the age of AI, can travel advisors protect themselves from the very real risk of hacks and scams?
A lot of scams with advisors happen via email, so securing it is paramount to preventing most cybersecurity threats.
1. Preventing Financial Scams
One specific scam occurs when advisors have no other communication with the client except via email. The scam will begin with a last-minute request for a trip or flights, which can be a red flag that someone is using a stolen credit card or identity.
Money scams can also be led by AI, with emails sounding more legitimate thanks to AI’s ability to copy and mimic a supplier, tour operator or client.
“AI has definitely made it a bit more challenging to weed out the scams from the legitimate potential clients,” said Becky Skidmore, an advisor with Travelmation. “The one thing that has helped me most is that I require clients to have a 30-minute consultation call with me to get started. It not only weeds out real clients from the fake ones, but it encourages a stronger relationship with the client.”
Calling or meeting in person is a great way to confirm if a client is legitimate or not.
Additionally, if someone, supplier or client, sends you an email requesting a last-minute change to a payment or a wire transfer, treat it as a likely scam and contact the client or supplier via an alternate communication method, like a phone call via a trusted phone number.
2. Secure Email with Two-Factor Authentication and Be Wary of All Links
Advisors’ emails are at high risk of being hacked. Two-factor authentication can solve the majority of password hacks.
Coastline Travel Group recommends advisors use two-factor authentication and change their passwords every 90 days; since implementing this new rule, there have been no reports of password hacks.
Advisors should take their time in their inbox, verifying email addresses, phone numbers and links. Make sure to hover over links to see the full URL: sometimes what may seem like a legitimate email with a normal link is a wolf in sheep’s clothing.
If you, as an advisor, receive an email from a trusted supplier with a document or links you didn’t request, do not open the document or link. Instead, contact the supplier directly from an alternate communication method to discuss the email.
3. Get Cyber Insurance to Protect From the Worst
Another important tip? Get cyber insurance with your ENO insurance plan. Many companies offer an additional cyber insurance policy, and it’s one Coastline Travel Group now recommends to all advisors to provide additional protection in the case of a cyberattack.
“We are strongly recommending that they get cyber insurance,” said Johnson. “Cyber insurance is an add-on to most errors and omissions (ENO) policies. It does not come standard…It’s really inexpensive too, and it’s great peace of mind. Errors and omissions will not cover you for cyber crimes, unless you get the additional policy added.”
Practical Tips for Securing Your Work Computer
Cybersecurity is an increasingly important topic in the travel industry. (Photo Credit: NiK0StudeO / Adobe Stock)
Work computers for advisors might contain personal information like passport numbers and trip itinerary information, making them targets for scammers and hackers alike.
Advisors should ensure they have good antivirus installed on their computer, utilize a paid VPN (not a free one) while traveling and working at the same time and favor longer passwords for extra security.
Use a personal hotspot for Wi-Fi instead of free Wi-Fi, as unsecured networks can be targets for hackers. Free networks can also be set up by threat actors to mimic trustworthy networks, like at libraries and airports.
If you receive any pop-ups about a potential threat from what resembles your computer’s operating system while on unsecured Wi-Fi, immediately turn off the Wi-Fi connection and turn off your laptop, as this is a hack in progress.
As someone who works with sensitive information, advisors should also take some time to routinely clean their computer of documents they no longer need, especially if they have sensitive information like home addresses.
This way, if a hack were to occur, the threat actor would compromise less people and access less information.
If you as an advisor have access to an IT department with your host agency or consortia, utilize them for information on how to keep your business safe, and send them any emails that look suspicious. By doing so, you might prevent a lot of people from being hacked.
Many times, keeping you and your business safe online seems like a losing battle with so many methods and threat actors. Yet by taking important steps to secure your email inbox from threat actors and using caution every time you’re in your inbox, you can prevent many of the crimes that might otherwise occur.
For the latest travel news, updates and deals, subscribe to the daily TravelPulse newsletter.
