The lure of last-minute deals to get away after staying home for the last 2 years is so strong, scammers are using it to their advantage with scams intent on stealing online credentials.
Who wouldn’t like to get a great deal on a flight, a hotel, or an all-inclusive weekend in paradise? Phishing scammers know this and are impersonating tour companies, hotel chains, airlines and more as part of attacks that seek to deliver credential-stealing trojan malware.
According to security researchers at BitDefender AntiSpam Lab, these scams have been increasing throughout the second quarter of 2022 and are expected to continue to grow in frequency and number.
Popular subjects for these kinds of phishing scams include:
- Bonus flight hours
- Holiday rentals and all-inclusive deals
- Booking receipt notices
- Booking confirmations
- Airline ticket giveaways
Take the example below:
With so many people with a pent-up need to get away from the home they've been mostly tied to for the last two years, this scam is both timely now and will be for the foreseeable future.
And because these attacks are attempting to install credential-stealing malware, organizations need to put employees on alert and, ideally, put them through new school Security Awareness Training so they don’t fall for such easily identifiable scams that may cause harm to the organization.