According to a report by Decrypt, with the arrival of the summer travel season, travelers have embarked on their journeys while cybercriminals are turning to new technologies to carry out scams and data theft. They are using techniques such as phishing emails written with AI and maliciously configured phone charging stations to trap unsuspecting travelers.
The quantity of online phishing has drastically increased since the introduction of generative AI tools. According to a recent report by cybersecurity company SlashNext, the number of email phishing attacks has increased by 856% in the past year, largely driven by generative AI. This technology allows scammers to write phishing emails in multiple languages simultaneously, resulting in a 4151% increase in malicious emails since the launch of OpenAI’s ChatGPT in 2022.
Patrick Harr, CEO of SlashNext, mentioned in an interview with Decrypt that phishing attacks involve sending messages to unsuspecting victims, enticing them to click on links and connect to malicious websites or applications. This leads users to submit personal or security information, such as passwords. In January of this year, cybercriminals targeted users of the encrypted platform by launching phishing attacks after hacking into the email service provider MailerLite, resulting in fraudulent amounts exceeding $700,000.
A recent report by the International Financial Times highlighted the sharp increase in phishing attacks targeting both business and leisure travelers. These attacks include posting fake messages on fraudulent websites offering significant discounts. For example, a scam website may advertise accommodation in the Swiss Alps for $1,000 per night, while offering a promotional price of $200 per night to lure unsuspecting users.
Marnie Wilking, Chief Information Security Officer at Booking.com, stated that phishing activities started increasing shortly after the launch of ChatGPT. Fraudsters can now use generative AI tools to write scam emails in multiple languages with good grammar. Even hotel operators may inadvertently open malicious attachments in scam emails while trying to address customer issues.
Wilking advised travelers and accommodation providers to use two-factor authentication to ensure security and to avoid clicking on anything suspicious. She emphasized the importance of contacting hotels, property owners, and customer service units if there is even a slight suspicion.
Patrick Harr from SlashNext mentioned that a newer form of phishing called “smishing” (SMS phishing) is becoming increasingly popular and dangerous. This type of phishing attack targets mobile users by including false links in text messages.
Harr also mentioned that scammers are taking advantage of the widespread use of QR codes, which became more prevalent during the COVID-19 pandemic. He quoted a recent Verizon report that highlighted the risks associated with QR codes.
Although phishing attacks remain the most commonly used method by cybercriminals, the Federal Communications Commission (FCC) recently issued a warning about “juice jacking.” This type of attack typically targets travelers who charge their devices at airports and hotels. Attackers exploit the technology built into the universal USB standard, which not only transfers power but also data. Maliciously configured USB ports or connectors can steal information or install unwanted software once inserted into the victim’s device.
To prevent this emerging type of attack, the FCC recommends avoiding the use of free charging stations at airports, hotels, or shopping centers. Instead, individuals should use their personal chargers plugged into basic power outlets, portable batteries, or use data blockers to ensure USB connections are limited to power transmission.
Sources:
– Decrypt: [link]
– SlashNext: [link]
– International Financial Times: [link]
– FBI Denver: [link]
