McAfee reveals the top destinations hackers are targeting to make a quick buck off holidaymakers

SINGAPORE, 12th June 2019 – McAfee has revealed how cybercriminals are capitalising on consumers’ risky holiday booking habits for their favourite destinations. The findings show holiday hot spots Taiwan, London, Bali, Hong Kong and Japan generate the riskiest search results when people are on the hunt for holidays online.  

*The top holiday destinations for Singaporeans that hackers are targeting via potentially malicious sites:

1.      Taipei, Taiwan

2.      London, UK

3.      Bali, Indonesia

4.      Hong Kong, Hong Kong

5.      Tokyo, Japan

6.      Kyoto, Japan

Taking advantage of the high search volumes for accommodation and deals in these popular destinations, cybercriminals drive unsuspecting users to potentially malicious websites that can be used to install malware, steal personal information and even capture passwords.

“Wham, bam, thank you scam…”

McAfee’s survey of 500 Singaporeans shows the tactic is paying off for cybercriminals, with almost one in three (29%) people reporting they have been scammed or came very close to being scammed, when booking a holiday online. Almost half of holiday scam victims reported they lost anywhere between $1,000 to $7,000 as a result of the fraudulent activity, leaving savvy criminals to muse “wham, bam, thank you scam”!

Bargain-hunting Singaporeans are most at risk, with a third of holiday fraud victims (34%) being scammed after spotting a great deal which turned out to be fake. In addition to planting malware-ridden search results, hackers send malicious links through text messages, emails and pop-up adverts.

With a third of Singaporeans (30%) booking holidays through email promotions and pop-up ads,

Shashwat Khandelwal, Head of Southeast Asia Consumer Business, McAfeecomments:

“We strongly advise people to validate deals, holiday rentals and flights directly via trusted brands’ websites, instead of clicking on links and pop-ups offering bargains. Once they’ve validated its authenticity, all communication and payment should be conducted via that trusted platform to help keep personal and financial information out of hackers’ hands.”

Taking stock before you book

Around a quarter (23%) of Singaporeans are leaving the door open to fraud because they do not check the authenticity of a website before making an online holiday booking. While more than a third (33%) said it has never crossed their mind to check the authenticity of travel websites before they make a booking.

However, the excitement can quickly turn into a holiday horror, as approximately a quarter of holiday scam victims 
(23%) said they only realised the site or reservation method they used was fraudulent, when they turned up to their holiday rental to find the booking wasn’t actually valid. Meanwhile, almost one in three (28%) admitted they don’t know how to check if a site is trusted.

Keeping data safe at home and away

Almost half (45%) of respondents do not check the security of their internet connection or are willingly connecting to an unsecured network while away, putting themselves at risk when on holiday.

That’s not all – the survey found that people used devices for data-sensitive activity such as using Google Maps (76%), checking and sending e-mails (67%), as well as managing money through a banking app (28%). This makes it particularly concerning to discover that network security is not being prioritised.

Additionally, 58% of Singaporeans said they use work devices while on holiday, with 42% unable to resist looking at their work email. Despite work devices being connected to a wealth of personal and private data via corporate cloud, email and productivity services, the vast majority admitted they connect to public Wi-Fi in the hotel (80%) and airport (63%), potentially putting sensitive business information at risk.

Shashwat Khandelwal added: “Businesses are working hard to enable people to work collaboratively and flexibly through productivity tools and apps based in the cloud. While it’s their responsibility to ensure the appropriate security is in place, no matter where their employees are in the world, cybersecurity threats exist and proactive steps must be taken by those using work devices abroad to minimise the risk.”

McAfee tips for identifying authentic booking sites and safe surfing on holiday to prevent travellers becoming victims:

1.      Look for the tick before you click. Only click on websites that your security software has authorised as being safe. For example McAfee WebAdvisor will identify safe websites with a green tick and will block malware and phishing sites if you accidentally click on a malicious link from your search results.

2.      Make all payments via a trusted platform. Fraudsters may try to lure you away from a trusted platform with the temptation of discounted rates. Holidaymakers should keep all communications, bookings and payments on trusted platforms to protect them from phishing and other fraud.

3.      Always connect with caution. If you have to conduct transactions on a public Wi-Fi connection use a virtual private network (VPN) to help keep your connection secure.

By Harry