Criminals Are Capitalising on Bespoke Travel Services on the Dark Web, Including Discounts and Deals on Bookings
When you think of the dark web, a range of illegal activities likely comes to mind. The dark web is an unregulated part of the internet that cannot be accessed through standard browsers like Chrome or Safari.
While the dark web itself isn't inherently illegal, its unregulated nature (despite being monitored by law enforcement) makes it a haven for criminals worldwide. It's a hub for trading illegal goods, stolen data, and more. But did you ever imagine hackers would use it to offer travel services?
The Travel Industry: A Vulnerable Target
In the world of travel, it's common for people to seek out bargains. Most consumers are on the lookout for deals, discounts, offers, promotions, or ways to use loyalty points for a better deal. Cybercriminals are well aware of this consumer behavior, which is why there's a thriving underground market for travel-related services on the dark web.
What’s on Offer and How Does It Work?
The dark web offers an array of travel-related services, ranging from discounted hotel rooms and cheap flights to free airline lounge access and heavily discounted gift cards for major hotel chains or airlines.
But how do hackers manage to provide these discounts and deals?
Frequently, these services involve stolen goods. For example, criminals may use compromised data to steal valid airline points or access someone's bank account, enabling them to make bookings or purchases with stolen funds. Data can be stolen in various ways, such as through data breaches, info-stealing malware, or scam attacks. This stolen data is then sold at a discounted price on the dark web.
Cybercriminals might also gain access to accounts within legitimate travel organisations, such as hotels, airlines, or travel agencies. This access enables them to make fraudulent bookings or manipulate existing data. An example of this is a breached NCL (Norwegian Cruise Liner) database we found in 2020, where a travel agent’s portal had been breached.
For example, here’s a snapshot from a dark web forum where hackers advertise these illicit services:
The Rising Sophistication of Cybercrime in Travel
One of the alarming aspects of this trend is the increasing sophistication with which cybercriminals operate. These aren't always just isolated incidents; organised crime groups are often behind these operations, using advanced techniques to avoid detection. This includes the use of botnets to automatically scrape travel sites for vulnerabilities, phishing campaigns targeted specifically at employees of travel companies, and even social engineering tactics to gain access to secure systems.
These criminal networks are also leveraging emerging technologies like artificial intelligence (AI) to refine their tactics, making it harder for traditional security measures to keep up. For instance, AI-driven algorithms can identify patterns in booking behavior to exploit them more effectively, or automatically generate convincing fake travel documents and booking confirmations.
The Broader Impact on the Travel Ecosystem
The ramifications of these activities extend beyond the immediate financial losses. The integrity of the entire travel ecosystem is at stake. If consumers lose trust in the security of booking platforms, airlines, and hotel chains, it could lead to a significant downturn in the travel industry. Additionally, the potential for widespread data breaches means that personal information, travel history, and even biometric data could be compromised, leading to further exploitation.
Travel companies must recognise that they are part of a larger network, and a breach in one area can have cascading effects throughout the industry. This interconnectedness means that a robust, proactive and preventative approach to cybersecurity is essential.
What Should Individuals and Businesses Do?
Both businesses in the travel sector and consumers must stay vigilant and aware of these emerging threats.
For businesses, they should ensure that they are:
- Regularly updating systems to eliminate vulnerabilities
- Regularly updating passwords
- Implementing comprehensive cyber training/education for all staff members
- Using strong passwords and multi-factor authentication across all systems
- Monitoring systems for suspicious activity
- Conducting dark web monitoring, data breach monitoring, and vulnerability scanning
- Employing a cyber risk management system, such as Breach Defence, to detect early signs of an attack
For individuals, adhering to ongoing cyber best practices is essential for protecting assets:
- Regular vulnerability scanning and data breach monitoring
- Regularly update passwords
- Remain cautious of the data you are leaving on websites
- Check the legitimacy of websites before engaging
- Using anti-virus software and complex passwords with multi-factor authentication
- Educating yourself on cyber threats, particularly phishing
- Leveraging cyber risk management tools like Cyber Xpert
Stay Protected with DynaRisk
At DynaRisk, we believe everyone should have access to cybersecurity tools to protect themselves, their businesses, and their families. We partner with industries worldwide, particularly in the insurance and financial sectors, to provide our software as part of a cyber insurance policy, cyber protection program, or benefit.
To learn more about our products, visit our product or solutions pages. For more information or a quick chat, contact us at info@dynarisk.com.