There’s no doubt that Singaporeans love travelling and they’re constantly on the lookout for novel travel destinations and experiences.
Unfortunately, the lucrativeness of the online travel industry has made it a hotbed for cybercriminals who target innocent customers with phishing scams and fraudulent accommodations.
According to a study by McAfee, cybercriminals are capitalising on consumers’ risky holiday booking habits for their favourite destinations.
Having said that, the study revealed that Taiwan tops the chart as the destination for Singaporeans that generates the riskiest search when people are on the hunt for holidays online. Other top spots include London, Bali, Hong Kong and Japan.
Taking advantage of the high search volumes for accommodation and deals in these popular destinations, cybercriminals drive unsuspecting users to potentially malicious websites that can be used to install malware, steal personal information and even capture passwords.
The survey was conducted on 500 Singaporeans and it showed that the tactic is paying off for cybercriminals, with almost one in three (29%) people reporting they have been scammed or came very close to being scammed, when booking a holiday online.
Almost half of holiday scam victims reported they lost anywhere between S$1, 000 to S$7, 000 as a result of the fraudulent activity, leaving savvy criminals walking away with a smile.
In addition, bargain-hunting Singaporeans are most at risk, with a third of holiday fraud victim (34%) being scammed after spotting a great deal which turned out to be fake. Apart from planting malware-ridden search results, hackers send malicious links through text messages, emails and pop-up adverts.
With a third of Singaporeans (30%) book their holidays through email promotions and pop-up ads, Shashwat Khandelwal, Head of Southeast Asia Consumer Business for McAfee said, “We strongly advise people to validate deals, holiday rentals and flights directly via trusted brands’ websites, instead of clicking on links and pop-ups offering bargains. Once they’ve validated its authenticity, all communication and payment should be conducted via that trusted platform to help keep personal and financial information out of hackers’ hands.”
Failure to check website’s authenticity
Although it might sound petty, but checking the authenticity of a website is a vital move. Around a quarter (23%) of Singaporeans are leaving the door open to fraud because they do not check the authenticity of a website before making an online holiday booking.
While more than a third (33%) said it has never crossed their mind to check the authenticity of travel websites before they make a booking.
However, the excitement can quickly turn into a holiday horror, as approximately a quarter of holiday scam victims (23%) said they only realised the site or reservation method they used was fraudulent, when they turned up to their holiday rental to find the booking wasn’t actually valid. Meanwhile, almost one in three (28%) admitted they don’t know how to check if a site is trusted.
Safeguard your data and network
Almost half (45%) of respondents do not check the security of their internet connection or are willingly connecting to an unsecured network while away, putting themselves at risk when on holiday.
That’s not all – the survey found that people used devices for data-sensitive activity such as using Google Maps (76%), checking and sending e-mails (67%), as well as managing money through a banking app (28%). This makes it particularly concerning to discover that network security is not being prioritised.
If that is not all, 58% of Singaporeans highlighted that they use work devices while on holiday, with 42% unable to resist looking at their work email. Despite work devices being connected to a wealth of personal and private data via corporate cloud, email and productivity services, the vast majority admitted they connect to public Wi-Fi in the hotel (80%) and airport (63%), potentially putting sensitive business information at risk.
“Businesses are working hard to enable people to work collaboratively and flexibly through productivity tools and apps based in the cloud. While it’s their responsibility to ensure the appropriate security is in place, no matter where their employees are in the world, cybersecurity threats exist and proactive steps must be taken by those using work devices abroad to minimise the risk,” said Mr Khandelwal.
Tips to avoid becoming a victim
- Look for the tick before you click
Only click on websites that your security software has authorised as being safe. For example, if one uses McAfee WebAdvisor, it will identify safe websites with a green tick and will block malware and phishing sites if you accidentally click on a malicious link from your search results.
- Make all payments via a trusted platform
Fraudsters may try to lure you away from a trusted platform with the temptation of discounted rates. Holidaymakers should keep all communications, bookings and payments on trusted platforms to protect them from phishing and other fraud.
- Always connect with caution
If you have to conduct transactions on a public Wi-Fi connection use a virtual private network (VPN) to help keep your connection secure.