“Marnie Wilking”, the information security officer at “Booking” – known as one of the world’s top hotel search engines – revealed that artificial intelligence has greatly contributed to the increase in phishing fraud operations, with the hotel and restaurant sector, previously distant from such operations, now also being targeted; according to the BBC report.
She emphasized that everyone, especially during the summer holiday season, should be aware of the need to be cautious of fraud attempts using advanced artificial intelligence techniques.
At the “Collision” Technology Conference in Toronto, Canada, “Booking” explained that “attacks, especially phishing fraud attacks, have increased by a staggering 500% to 900% over the past year and a half, across all sectors worldwide.
“Phishing” is defined as an operation aimed at stealing a user’s identity or secret information such as access codes and banking details, etc., through deception, via a link in an email received by the user.
Fraudsters pretend to be official entities such as banks, delivery platforms, or customs authorities, and mimic the authentication system. Their goal is to convince the victim to visit the fraudulent site that looks similar to the original site, leading the victim to enter their secret information.
Travel sites can be a treasure trove for fraudsters; where users looking to book travel tickets or hotel accommodation may need to provide their credit card details or upload copies of identification documents.
While phishing originally existed through email, the expert pointed out that “the increase began shortly after the launch of “Chat GB” at the end of 2022, a program that generates responses to simple daily language requests.
She noted that a hotel employee, prompted by a guest service email, “may likely open the attachment file”, which is actually a malicious program that exploits the nature of this service sector. Therefore, users, whether they are seeking bookings or travel and hospitality institutions, should engage in two-factor authentication while browsing the internet.
She explained that two-factor authentication requires more than just entering a username and password, as users are asked to verify their identity through an additional factor, which may be a one-time code sent to their mobile devices or generated by an authentication app.
The expert affirmed that this additional step, despite the extra effort it requires, is “by far the best way to combat phishing fraud and data theft”. She advised users to “not click on anything suspicious”, and urged them to “contact the owning entity, hosts, or customer service”. She also mentioned the close collaboration between “Booking” site and other prominent entities in this field.
An increase was observed by travel booking sites in activities originating from governmental agencies believed to be from Russia and China, accused of carrying out harmful actions online or spying on customers.
(Al-Sabq)
