McAfee reveals how cybercriminals are capitalizing on consumers’ risky travel booking habits. The findings show that popular summer destinations in Mexico, Europe – and, surprisingly, Canmore, Canada – generate the riskiest search results when people are hunting for vacation deals online.
Top summer destinations hackers are targeting via potentially malicious sites:
1. Cabo San Lucas, Mexico
2. Puerto Vallarta, Mexico
3. Amsterdam, Netherlands
4. Venice, Italy
5. Canmore, Canada
Taking advantage of the high search volumes for accommodation and deals in these popular destinations, cybercriminals drive unsuspecting users to potentially malicious websites that can be used to install malware and steal personal information or passwords. Unfortunately, McAfee’s survey of 1,000 Americans found that nearly one-third of consumers (31%) are leaving the door open to fraud because they do not check the authenticity of a website before booking a trip online.
Bargain shopping can have a high cost
McAfee’s survey confirms that cybercriminals’ tactic of targeting vacation goers is paying off, with nearly one-fifth of consumers (18%) reporting that they have been scammed, or came very close to being scammed, when booking a vacation online. Bargain-hunting Americans are most at risk, with nearly a third of vacation scam victims (31%) being defrauded after spotting a deal that was too good to be true.
Unfortunately, risky bargain shopping behavior can come at a high cost with approximately 30% of travel-related scam victims reported that they lost between $1,000 and $3,000 as a result of the fraudulent activity. Meanwhile, a small group of victims (13%) shared that their identity was stolen after sharing their passport details with cybercriminals during the booking process.
The majority of survey respondents (80%) shared that they worry about having their identity stolen during the research and booking process or while traveling abroad for summer vacations. But despite these worries, less than 25% of people feel that they have the right security in place to prevent their identity from being stolen.
“The last thing that consumers should have to deal with during or after a vacation is an identity scam or personal privacy issue,” comments Gary Davis, McAfee’s Chief Consumer Security Evangelist. “While cybersecurity threats unfortunately exist during most stages of the booking and travel experience, consumers can take proactive steps to protect themselves and minimize the risk to ensure scams and other nefarious activities don’t spoil summer travel plans.”
Keeping your data safe
Despite 36% of people expressing concerns of having their personal data stolen while on vacation, almost half (42%) said they either do not check the security of their internet connection or willingly connect to an unsecured network while traveling.
With 95% of Americans using their personal devices on vacation, it is concerning to discover network security is not being prioritized. This is further amplified by the finding that people are using devices for data-sensitive activity such as checking and sending e-mails (66%) and managing money through a banking app (35%).
Additionally, two in five (40%) Americans said they use work devices while on vacation. Despite work devices being connected to a wealth of personal and private data via corporate cloud, email and productivity services, the vast majority admitted they connect to public Wi-Fi in the airport (46%) and hotel (69%), potentially putting sensitive business information at risk.
McAfee’s tips for identifying authentic booking sites and safe surfing on holiday:
1. Only access verified websites. Only click on websites that your security software has identified as being safe. For example McAfee WebAdvisor will identify safe websites with a green checkmark and will block malware and phishing sites if you accidentally click on a malicious link from your search results.
2. Use trusted platforms and verified payment methods when finalizing your bookings. Fraudsters may try to lure you away from a trusted platform with the promise of discounted rates. Remember to keep all your communications and bookings to trusted platforms, such as HomeAway.com, and verify the site before entering payment information. This will help protect you from phishing and other cyber fraud.
3. Utilize an identity theft solution. With all this personal data floating around online, it’s important that you protect your identity. Use an identity theft solution, such as McAfee Identity Theft Protection, to help protect personally identifiable information from identity theft and fraud.
4. Always connect with caution. If you have to conduct transactions on a public Wi-Fi connection, use a virtual private network (VPN) like McAfee Safe Connect to help keep your connection secure.
Research methodology
McAfee conducted research into the riskiest holiday destinations, using McAfee WebAdvisor site ratings to determine the number of risky websites generated by searches on Google, Bing, and Yahoo!, that included top holiday destinations and search terms likely to yield potentially malicious websites in the results. An overall risk percentage was calculated for each destination using the total number of risky websites divided by the number of search results returned. “Riskiest vacation destination” really means that these destinations are likely popular search subjects.
Search terms used this year:
- 2019 vacation
- All-inclusive vacation
- Best vacations 2019
- Cheap trip deals
- Last minute vacation
- Travel deals
- Trip accommodations
- Vacation
- Vacation deals
- Vacation packages
Using McAfee WebAdvisor data, resulting domains and URLs were measured and assigned a risk of “high,” “medium” and “unverified.” URLs were then given a score between negative 127 and positive 127 with higher scores indicating a riskier website. The score was calculated using the following formula:
Danger = 1*(high count) + 0.5*(medium count) + 0.1*(unverified count)
The most popular summer vacation destinations were identified based on HomeAway destination booking data for summer holidays in 2018.
McAfee additionally commissioned 3Gem to conduct a survey of 1,000 adults in the US on their travel booking habits in May 2019.
