EchoLeak: Critical Zero-Click Vulnerability in Microsoft 365 Copilot
A critical security vulnerability discovered in Microsoft 365 Copilot highlights that there is a risk associated with AI-powered business tools that we must continue to…
Travel Scam Alert: Protect Yourself from Online Booking Fraud
The summer holidays are nearly here, and many travelers have already begun making their plans and bookings. Travel scams continue to rise, with online booking agencies reporting sharp increases in fraudulent activity over the past 18 months, largely driven by sophisticated phishing attacks and fake listings.
This was highlighted recently in a post that described how a hotel account had been hacked and taken over. The threat actor then used this access to message travellers directly, via the same messaging feed previously used by the hotel. This resulted in final payments being diverted to the threat actors account, having a detrimental affect on the users confidence and defrauding them out of hundreds of pounds.
Cyber criminals are exploiting the popularity of online travel bookings using these techniques:
- Creating fake accommodation listings using stolen pictures that lead victims to arrive only to find the property doesn’t exist or is already occupied.
- Cloning legitimate websites, tricking users into entering personal and payment details on fraudulent platforms.
- Phishing emails and messages, sent to prompt users to click malicious links or provide sensitive information.
Becoming a victim of these scammers can lead to:
- Financial losses – according to Action Fraud, the average loss per holiday fraud victim in 2024 was £1,844.
- Personal data theft – fraudsters may harvest your personal information to commit further fraud.
- Ruined holidays – arriving at non-existent accommodations or losing your holiday due to financial losses.
How to Stay Safe:
- Book through reputable platforms and ensure the website is legitimate by checking the URL, and looking for secure connections (https).
- Avoid direct bank transfers. Instead, use credit cards or secure payment methods that offer fraud protection.
- Use only the official messaging system on the booking platform, and be wary of any new or changed payment requests.
- Be skeptical of too-good-to-be-true deals, as this is a red flag from the outset.
- Verify property details by checking listings on other platforms, using online maps to confirm existence, and checking the property’s own website.
- Check for ATOL or ABTA protection, which provides additional security for your bookings.
Remember to take a moment and think before parting with your money or information. If you feel something is wrong or you become a victim:
- Contact your bank or card provider immediately.
- Contact the Cyber and Fraud Hub for help and support on 0808 281 3580 or reach out to [email protected]
- Contact the Police on 101, to report the crime.
Related articles
Microsoft’s June 2025 Patch Tuesday: One Zero-Day and Ten Critical Vulnerabilities Among 66 CVEs
Microsoft has released its June 2025, Patch Tuesday security updates addressing 66 vulnerabilities across its software ecosystem. This month’s release includes one actively exploited zero-day…
Critical Vulnerability Discovered in HPE StoreOnce: What You Need to Know
Background Hewlett Packard Enterprise (HPE) has issued a security bulletin warning about critical vulnerabilities in its StoreOnce data backup and deduplication solution. StoreOnce is widely…