Approximately one in five Americans have been scammed or nearly scammed when booking a vacation online, according to a new survey by virus software giant McAfee.
In a survey of 1,000 adults conducted this May, 18% said that they had or almost had fallen prey to vacation travel scams, and some 30% of travel-related scam victims reported they lost between $1,000 and $3,000.
A third (31%) of those vacation scam victims clicked on “a deal that was too good to be true,” McAfee said. Meanwhile, a small group of victims (13%) shared that their identity was stolen after sharing their passport details during the booking process.
“The last thing that consumers should have to deal with during or after a vacation is an identity scam or personal privacy issue,” said Gary Davis, McAfee’s chief consumer security evangelist. “While cybersecurity threats unfortunately exist during most stages of the booking and travel experience, consumers can take proactive steps to protect themselves and minimize the risk to ensure scams and other nefarious activities don’t spoil summer travel plans.”
The majority (80%) of survey respondents said they worry about having their identity stolen during the research and booking process or while traveling abroad for summer vacations. Despite these worries, less than 25% of travelers feel they have the right security in place to prevent their identity from being stolen.
“One of my clients called me after she paid – with a debit card – for a Mexico trip online with a company that turned out to be in Syria,” said Lynda Phillippi, owner of Renaissance Travel and Events, in McMinnville, Oregon. “They took the money, but their rooms and air were never booked. It was a total scam. We fixed her up, but yes, it happens – and usually when people are trying to get ‘a good deal.’”
“A common event is that those representing themselves as agents purchase domain names that are similar to popular sites. Often, these phony sites are first in the search, have the resort name listed, and end up being a site selling timeshare stays,” said Jeni Chaffer, owner of Journeys Travel Inc.
“So many online sites also do not provide complete information or even all the necessary details. Travel agents pride ourselves on providing every detail, answering every question and handling any hiccup that might happen,” she said.
In a May 23 blogpost, called “Make it a Scam-Free Vacation,” the Federal Trade Commission (FTC) suggested consumers, “First, get recommendations from family and friends on good travel agencies, vacation rentals, hotels and travel packages — before responding to offers.”
Popular destinations are potentially more prone than others
In separate research, McAfee also ranked the top five summer destinations that showed the highest concentration of “potentially malicious” websites. They are Cabo San Lucas, Mexico; Puerto Vallarta, Mexico; Amsterdam, Netherlands; Venice, Italy; and Canmore, Canada.
“Taking advantage of the high search volumes for accommodation and deals in these popular destinations, cybercriminals drive unsuspecting users to potentially malicious websites that can be used to install malware and steal personal information or passwords,” McAfee said.
The riskiest holiday destinations were identified using top holiday destination and search terms, which are more likely to yield potentially malicious websites in the results, including: 2019 vacation, all-inclusive vacation, best vacations 2019, cheap trip deals, last minute vacation, travel deals, vacation and vacation deals.
An overall risk percentage was calculated for each destination using the total number of risky websites divided by the number of search results returned. Using McAfee WebAdvisor data, resulting domains and URLs were measured and assigned a risk of “high,” “medium” and “unverified.”
Travelers don’t keep their data safe
McAfee’s survey also found that 31% of consumers “are leaving the door open to fraud because they do not check the authenticity of a website before booking a trip online.”
Despite 36% of people expressing concerns of having their personal data stolen while on vacation, 42% said they either do not check the security of their internet connection or willingly connect to an unsecured network while traveling.
Other potentially dangerous travel and technology behaviors included 40% of Americans using work devices while on vacation, 66% of travelers checking and sending e-mails, and 35% managing money through a banking app.
“Despite work devices being connected to a wealth of personal and private data via corporate cloud, email and productivity services, the vast majority admitted they connect to public WiFi in the airport (46%) and the hotel (69%), potentially putting sensitive business information at risk,” McAfee noted in its report.
Additional FTC tips include:
- Look up travel companies, hotels, rentals and agents with the words “scam,” “review,” or “complaint.”
- Get a copy of the cancellation and refund policies before you pay.
- If you’re buying travel insurance, be sure the agency is licensed.