Write For Us

Hotels, airlines and travel sites battle bot attacks


© Getty Images/iStockphoto

By Danny Palmer, ZDNet

Hotels, airlines, cruises and travel sites are under siege from crooks using fake or stolen account details to try to access accounts.

Hackers have been using stolen or leaked account details to attempt to log into accounts, using botnets to deliver attacks at industrial scale, according to research by Akamai.

Akamai researchers analysed nearly 112 billion bot requests and 3.9 billion malicious login attempts that targeted sites in this industry including airlines, cruise lines and hotels among others. Nearly 40 percent of the traffic seen across hotel and travel sites is classified as "impersonators of known browsers" -- which Akamai described as a known vector for fraud.

Analysis of malicious login attempts by country against the hotel and travel industry by researchers at Akamai found that between November 2017 and March 2018, 650 million attacks came from Russia and 625 million came from China.

Researchers can't be sure why attackers in these regions of the world are so keen on attempting to breach accounts associated with the hospitality sector, but one likely explanation is that hotels and travel sites would be lucrative for organised crime gangs.

"By their nature, companies in the hospitality sector often hosts a lot of personal information," Bernd Koenig, director of security products at Akamai Technologies told ZDNet.

"For example, hotels have everything from guest credit card data through to identity documentation that guests might be required under local laws to provide at check in. This is exactly the kind of personal and payment data that would be considered valuable to hackers".

Not only are hotel websites full of personal information which can be used to commit fraud or even make purchases, a lot of them also offer users incentives and point-based reward systems which are open to abuse. These are tempting targets because "they are profitable and hard to track when compromised" said the Akamai State of the Internet report.

As for the source of the information behind the credential abuse attacks, cyber criminal forums and underground marketplaces are a treasure-trove for stolen and leaked login information including usernames and passwords -- often sold at a very low price.

Combine that with login credential re-use -- users using the same username and password across multiple websites -- and it's easy to see how accounts can be maliciously accessed for illicit profit.

"The hospitality industry is a big target from Russia and China because it's seen as low-hanging fruit that can potentially deliver big rewards. Once data is taken, it can be re-used for fraudulent bank transfers or other types of fraud," said Koenig.

"So it's incumbent on any company working in the hospitality industry to undertake serious due diligence on their data protection strategy," he added.

Hotels in general remain a popular target for attackers, who realise that travellers will be less guarded about connecting to wi-fi hotspots when staying at a destination. Some espionage groups have even used this knowledge in order to conduct phishing attacks for delivering malware to high profile targets.


Note: If you think this story need more information or correction, feel free to comment below your opinion and reaction.
Like & Follow to Stay Updated ...


Travel - U.S. Daily News: Hotels, airlines and travel sites battle bot attacks
Hotels, airlines and travel sites battle bot attacks
Travel - U.S. Daily News
Loaded All Posts Not found any posts VIEW ALL Read More Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy