Expect More Travel-Related Phishing as the Pandemic Subsides

Travel-Related Phishing ScamPeople need to be wary of travel-related phishing as the pandemic draws to a close, according to Fleming Shi, Chief Technology Officer at Barracuda Networks. On the CyberWire’s Hacking Humans podcast, Shi explained that phishing campaigns take advantage of current trends. Currently, many phishing attacks are themed around the demand for vaccines. As pandemic-related restrictions begin to lift, there will presumably be a major demand for travel as people are finally able to take vacations, and attackers will jump on this opportunity.

“The next phase for the targets will be people who are getting back out there, really kind of enjoy the world, right?” Shi said. “I mean, if you think about traveling through the holidays, I was pretty surprised how many people actually got on the plane and, you know, really tried to see their family, right? I think cabin fever – people are getting really stuck for a long time, and so there will be a rise in bookings for hotels, mainly because people are getting ready to plan for their vacation. They really need it.”

Shi said there are some security best practices that people can follow to avoid falling for these attacks.

“There's a few things you should be considering,” he said. “First of all, this is for the travel preparation stage, right? Once you get on the road, that's another set of things you need to worry about. But before you get on the road, I would say be very cognizant about clicking on links that offer really great deals that may not look real. Secondly, when you get to the site, if you don't have a password manager, I'll recommend a really strong password. So, password managers provide system-generated passwords, which is much harder to guess, very random. You will still have the convenience of actually getting into the site. But if the reservation site has, like, multifactor or two-factor authentication, you want to utilize those features because passwords still can be stolen, even system-generated.”

New-school security awareness training can enable your employees to be on the lookout for phishing attacks.

The CyberWire has the story.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews