Travel & Hospitality FraudHow it Works & How to Stop it

Examining the Current State of Travel & Hospitality Fraud & What Can be Done to Eliminate it

Anticipation is high as we head into the peak of the summer travel season. However, the excitement isn't exclusive to vacationers; fraudsters are ramping up their operations as well.

There’s a significant subset of cybercrime that thrives on hospitality and travel fraud. It poses a significant threat to industry professionals, as well as consumers seeking deals on last-minute getaways.

A recent study from Recorded Future unearthed 4,000 instances of airline and hotel fraud worldwide on the dark web last year. Alarmingly, the airline sector witnessed a whopping 530% surge in cybercrime incidents, even amid the covid-19 pandemic.

What’s the scale of the threat posed by travel fraud? And, is there anything that professionals in the travel space can do to manage the threat?

The State of Travel Fraud

Cybercriminals have been exploiting the travel and hospitality sectors for years. So, it’s probably wise to start by getting a quick survey of the current situation.

There are a lot of opportunities for travel-focused fraudsters. For instance, scammers may employ stolen card-not-present (CNP) data, or use pilfered loyalty points to procure travel services, which are then resold at a steep discount. To carry out these transactions, criminals create fake accounts, hijack legitimate ones, or manipulate unscrupulous hosts to process payments without actual bookings. Criminals can source fraudulent listings from accounts compromised by brute force attacks or purchased on the dark web.

That’s just one example. Travel fraud can encompass anything from fake “travel agency” services, to peddling forged vaccination records and certificates.

This fraudulent industry is thriving. One report exposed $1.2 million in illegal sales during the first three quarters of 2021. Of course, this is likely just scratching the surface.

Projected to be valued at over $11 billion by 2025, loyalty card programs have really caught the eye of fraudsters in recent years. Like stolen CNP data, reward points can be used to book travel services.

Loyalty fraud is particularly challenging to spot. Culprits usually have enough personal information, procured via social engineering or other means, to convincingly impersonate the real account holder. The lax security around reward accounts often leaves the genuine user unaware of the breach until they check their balance.

The Impact of Data Breaches

Data breaches are a significant driver of travel and hospitality fraud. Since the start of 2021, around 4 million compromised credentials were found to be associated with attacks on airlines, travel, and hospitality entities globally.

Phishing, another time-tested method, is also a popular method for acquiring personal information to facilitate these scams. In 2021, scammers employed phishing to target users of the Transportation Security Administration's (TSA) PreCheck, Global Entry, and NEXUS application service websites.

Collectively, the International Air Transport Association (IATA) estimates airlines' losses to credit card fraud at more than $1 billion each year. However, even this figure does not reflect the full cost. For each dollar lost to fraud, merchants incur an additional $3.75 in losses due to chargeback fees, squandered overhead, needless administrative costs, and unpaid bookings.

Keep in mind that excessive chargebacks could land you in a fraud monitoring program. If not resolved promptly, the issue could result in losing your payment processing capabilities altogether.

What Can be Done About Travel & Hospitality Fraud?

There are a number of measures consumers can take to counter the increasing prevalence of travel and hospitality fraud. Adhering to best practices, like those outlined below, can help them reduce risk exposure:

• Avoid Generic Searches: Search terms like “best deals” can sometimes lead to misleading websites masquerading as legitimate, designed solely to defraud consumers.
• Stay Vigilant: Shoppers should be wary of unsolicited phone calls, letters promising a free trip, or websites offering deals that seem too good to be true.
• Research Thoroughly: Before committing to any service, travelers should ensure they've researched the business and read customer reviews.
• Written Confirmation: Travelers should get written confirmation detailing the total cost, restrictions, cancellation penalties, and specifics of airlines and hotels.
• Consider Travel Insurance: Travel insurance provides coverage for situations such as trip cancellations or medical emergencies.
• Use Credit Cards: Credit card payments offer added protection should something go awry with a travel reservation.

That’s good news for consumers. What about travel industry and hospitality merchants,  though?

It's crucial to patch critical systems against vulnerabilities. Keep up-to-date on changes within the industry, and having and routinely testing an incident response plan, will prepare you for inevitable changes requiring updates.

Incorporating machine intelligence into these efforts will be crucial, too. Practices like monitoring the dark web for customer credentials stolen from compromised devices, or unauthorized access to your networks, is not something you can manage manually. AI can make this process manageable, though.

The Role of Artificial Intelligence

The initial line of defense against eCommerce fraud depends on swift checkout analysis. AI tools can scrutinize vast data sets in real time, even integrating data from diverse sources.

The benefits are immediately evident. AI can enable accelerated transaction resolution, and make more precise decisions based on considerably larger datasets than an individual merchant can generate. AI-driven fraud detection might employ:

• Machine Learning: The computer refines its sophisticated algorithmic processes over time through answering consecutive queries, thereby "learning" to better identify threats.
• Natural Language Processing (NLP): Analyzing a buyer's speech patterns could unveil potential identity theft or bot activity.
• Machine Vision: The computer might use visual data provided by the buyer to verify the user's identity and affirmations.

These tools are just a few examples. A refined AI system can combine data from these technologies and traditional fraud detection tools to comprehensively examine each transaction. Such a system could simplify your risk profile understanding and generate a dynamic perspective of each individual payment.

AI offers compelling prospects for the travel industry. However, it's worth noting that it can only perform effectively as part of a broader fraud management strategy.

Learn more about fraud management

The Road Ahead: 2024 & Beyond

Fraud and chargeback management in the contemporary travel industry demands an integrated solution.

Your strategy must combine traditional and machine-learning tools, alongside human expertise, as part of a multifaceted approach. This is the only effective way to mitigate risks from criminal activities, consumer chargeback abuse, mistakes, and procedural lapses.

Creating and sustaining a viable strategy for fraud and chargeback management is a complex process, though. It necessitates a substantial initial investment in tools, technology, and hardware. Plus, a dedicated team is required to analyze transaction data, scrutinize suspicious transactions, and handle unfounded dispute claims.