Holiday Booking Scam – Do Not Pay for Your Holiday Twice!

31584984_sFirst minute holiday bookings pay best when being really booked first. If you had time before New Year, you could purchase a holiday trip for more than 50% off its common price. But many of us did not want to disrupt the atmosphere of Christmas and New Year. The majority of people start to search for holiday stays in January so that they have a choice or book some holiday for a discounted price. If you book your holiday until the end of February, you still gain some interesting discounts, most often for accommodation. Other services, such as transport, full board or half board, are usually not discounted. But, be cautious not to pay for your holiday twice!

When booking your lovely apparent by Croatian sea, travel agencies usually require some prepayment, typically 50% of the total price. The second half of the payment is usually due to a certain day. Please, be careful to whom you pay it.

In this post we are going to describe a few scenarios, how scammers capitalize on the season, when people are booking their holiday.


As we already wrote, the end of year and the first quarter of the upcoming one is a hot season of first minute holiday bookings. Travel agencies are busy with their clients planning where to spend their holiday time. But in spring time, scammers also think how to misuse this particular seasonal, or short time interest of the majority of population, how to misuse this “wave”.

Current telephone scams are more sophisticated than ever, they work with many data or inputs to improve outcome. What are these inputs?

  • SEASONAL ACTIVITY: Scams related to activities the majority of people do in some certain time are common, as spammers need to infiltrate the mass.
  • COMPANY NAME: Very often Scammers also pretend to be representatives of some well-known, reputable, high-volume business, the majority of people knows and uses.
  • COMMUNICATION HISTORY: The successfulness of any fraudulent call significantly increases, when the scam telephone call builds on the history of recipients’ activities.

17695326_sLet’s have a look at two examples of vishing (voice phishing, phising call) schemes from practice. To read the definition of the term “vishing”, please check previous post “Security test: 10+1 Things You Should Know About Your Phone Number”.

Have You Ever Won a Holiday Trip?

“Congratulations, you have won a trip to Bahamas, the only thing you have do is to pay the taxes for the flight and accommodation.Please, provide us with your bank account number so that we can process your booking.” “Congratulations, as you have recently booked a flight with Qantas, you won a ‘credit points’ worth $999 towards your next holiday. In order to be eligible for the prize, we need to ask a few questions first:Are you aged over 30? Do you have a valid credit card? Can you provide your credit card details, so that the credit points can be processed?”
This is an obsolete scam that does not work anymore, as it is very easily see through, it does not follow in the history of the potential victim activity. The called party would most probably not accept such an offer. Such phone calls were carried out in time Qantas was on top of selling flights. There was a high possibility the caller will get through to somebody who has just flight with Qantas and the trap was very likely filled.

The scam uses:

Seasonal activity: YES/NO

Seasonal activity: YES

Well-known, high-volume business name: NO

Well-known, high-volume business name: YES

Communication history: NO

Communication history: YES

The effectiveness of this fraud is:

LOW

HIGH

Today, scammers do not only follow seasonal activities and misuse reputable company names; they also try to continue in the history of recent recipients’ activity. When combined with other knowledge such as recipients name, sure name, age and home address, scammers are able to find in their database some intersections; to find a target group that could respond to their scam better than average, even exceptionally.

What is the result? Even people who are usually cautious do not have to distinguish between the real and the fake. The call is personified, the scammer knows recipients home address, he knows what the recipient did, and all this is true.

Let’s have a look at one more example of a phishing email, this time from the site of the business affected. The fraudulent email itself has a potential of using all the inputs, thus his efficiency would be classified as very high.

Have You Ever Forget to Pay The Rest of Your Holiday?

Below you can read a warning letter from Alexia travel agency, whose clients faced scammer emails requiring the client to pay the second part of their booked holiday. Alexia travel agency offers first minutes bookings for the majority of tours in their summer holiday catalog. Please note that the name of the travel agency is not real, it was changed not to damage its reputable brand.

  • AGE: The travel agency specializes itself on stays at the Mediterranean Sea, and addresses young people and families with children as they offer significant group discounts and discounts for kids. The scammer will filter people of age between 25 and 40.
  • HOME ADDRESS: Their plane boarding points are in certain airports only. The scammer will filter people who live in the cities where the chart plane of Alexia travel agency flies from.
  • NAME AND SURE NAME: Personification increases the likelihood that the potential victim will not be suspicious of the request.

20083177_sWhat is the conclusion? Any personal data you provide to an unknown person helps manipulating you more easily into performing actions, the person desires. These types of activities are already well-known under the term social engineering.

 

 

From: holiday@alexia-ta.com

Dear clients, Recently we monitor some fraudulent emails directed to our clients in order to withdraw the balance payment for your early bookings with Alexia travel agency. Fraudulent emails looks as if they would be sent under the heading of Alexia travel agency; they inform its recipient about the delay in payment for their early holiday booking. Under the threat of automatic withdraw of the amount due from recipients bank accounts; they require immediate payment via an electronic form. Alexia travel agency in any case does not send emails with such content to its clients. These emails can be identified based on email address, from which they are emailed. The only official email address Alexia travel agency uses for its communication with clients is holiday@Alexia-ta.com, if you receive an email from a different email address; we recommend deleting it and ignoring.  We apologize to the victims and the recipients of these fraudulent messages for the inconvenience and unpleasantness. With regret, we have to say that, despite our maximum effort, it is not possible to fight against such a fraud effectively.

In case you have witnessed or been directly targeted by this type of fraud that was in any context with Alexia travel agency, please contact us and inform us immediately. You will help us to combat these practices more effectively.

Alexia travel agency team

Your holiday will not be that fun, while knowing the cost it could be and it actually is. Being a victim of fraudulent phone call certainly spoils your holiday experience, and not only the experience of the holiday it directly relates, but most probably also a few next ones, till you to forget.

SHOULDIANSWER helps to prevent phone scams. By downloading SHOULDIANSWER at Google Play, you will avoid any unsolicited telephone calls other users already marked with negative rating. Same as with the fake emails from Alexia travel agency, you can opt to automatically delete/block or just read and ignore/get an alert about any unsolicited phone numbers. Do not let scammer to earn money on you, enjoy a great holiday!