You are your own first line of defense
How to enjoy a risk-free holiday and keep fraudsters at bay
By Hector Rodriguez, Senior Vice President & Regional Risk Officer, CEMEA, Visa
Travel fever is taking millions of eager holiday makers by storm at a time during which COVID-19 travel restrictions are being eased, and scammers are all too eager to grab a piece of the action.
The travel industry took a massive hit over the past 18 months, pushing down prices and people are on the hunt for good deals now that they can fly again after a year and a half of being home-bound under lockdowns. At the same time, the pandemic necessitated a greater shift towards online transactions.
Those circumstances created an opportunity for scammers to capitalize on people’s excitement and devise travel-related fraud schemes. We are living in what is being coined as a ‘scamdemic’.
Global losses from payment fraud reached $32.39 billion in 2020, according to payment comparison site Merchant Savvy, and the losses are projected to continue rising to $40.62 billion in 2027.[1]
However, fear not, the likes of industry leaders such as Visa stay ahead of the curve to anticipate and predict cybercriminals’ every move today, tomorrow and every day with the aim of keeping you safe. We have made it our mission, alongside our partners and clients, to protect all payment transactions and the commerce ecosystem in general. We all act in a collaborative manner, jointly building strong mechanisms to combat fraud. In fact, Central and Eastern Europe, Middle East and Africa are some of the safest regions when it comes to fraudulent activity.
But, that in no way negates your own responsibility in protecting yourself.
If it looks too good to be true…
Yes, people all over the world are excited to travel again. But scammers are just as excited to fleece those very people of their hard-earned money in all ways possible.
It’s your job to ensure you don’t fall prey to their web of traps.
Scammers are very aware of that fact that consumers are hunting for the best travel deals. They are utilizing every tool at their disposal to sink their hooks into unwitting customers who were just looking for rock-bottom prices whether it was for airfare, hotel bookings, tour packages or car rentals.
Don’t get caught up in the excitement of having found your dream vacation package with an attractive price tag. A good rule of thumb to follow is: if it looks too good to be true, it probably is.
Know your enemy - recognize tactics
The first step to ensure you are not a casualty of the global industry that is cybercrime, is to arm yourself with information. You need to be aware of how scammers operate so you do not fall victim to fraud.
Scammers have devised many ways swindle you out of your savings, from social engineering to phishing attacks.
Social engineering is when scammers trick you into giving them personal or payment information. It can be in the form of calling you pretending to be a travel agent offering you an enticing vacation package and asking you for your bank details over the phone to put down a deposit fee. Of course, then they vanish with your deposit, and you are unable to contact them again.
It can also be in the form of website contextual advertising, emails, texts and WhatsApps. Scammers are relentless when it comes to finding new ways to get information out of you, because the more they know, the more sophisticated the traps they lay.
You may also find on the internet a fake travel agency or airline website or even more popular these days – social media linked pages that appear to look genuine, with amazing deals that can look like authentic and familiar to you, but if you inspect the URL and website more carefully, you can identify that it is fake. For example, the URL will have additional or different letters and symbols and the website may contain grammatical mistakes or limited functionalities.
Persistent scammers slowly but surely gather all the information they need to make fraudulent financial transactions in your name. During the first call, they get your name; on the second, the name of your bank, then they call posing as your bank to get your account information. Those scams are so convincing that even the most well-informed let their guard down. Which is why you need to be hyper vigilant with your information!
Phishing attacks involve scammers pretending to be a financial institution or a trusted merchant to gain personal information about you through fake emails and websites.
They can send you emails with the logo of your bank or your travel agent, enclosing a link for you to click ‘as soon as possible’ to win a huge discount on airfare or a vacation package. Once you click the website link, it will direct you to a fake website and whatever charges you pay will go directly to the scammers.
Be your own shield
Your financial institutions can and do protect your payments using multiple layers of security to prevent fraud and protect your data. Visa for example implemented the Visa Secure badge with hundreds of thousands of merchant sites to secure your online purchases.
Visa also uses “tokens” and one-click services to allow you to make online payments securely.
However, there’s only so much financial institutions can do to protect you, therefore its imperative you remain vigilant.
The reality is you will always be your own first line of defense against scammers.
What to watch out for
Here are a few tricks of the trade to be aware of in order to protect yourself.
- Caution and patience are your friends: An important thing to remember is that you must never share your account number, the three-digit security code (CVV2) on the back of your card or one-time passwords with anyone. Remember that financial institutions and verified merchants will never ask you to reveal sensitive information over the phone or through text messages.
- Under the microscope: The URL of secure links starts with “https://” and has a lock icon next to it when you’re on the page that’s asking for your payment details. The slightest errors and variations are a dead giveaway. If you get an email offering a great ‘time-limited’ offer. Take a pause. Double check the email. Check the logo against that of the company or the bank’s home page online. Check for grammatical and spelling mistakes (including URL). Pixelated images and low-resolution images are another thing to look out for. If the email is of poor quality, it’s highly likely it’s a scam and not a real offer by a bank or a travel agent. It is recommended to type in the URL website yourself or do a self-search of correct website name of the company you see the offer via a browser.
- Don’t: Do not click on any links or download files contained within emails you suspect are offering something too good to be true. Go to the homepage of the financial institution or travel agent you supposedly received the email from and check their website to see if there really are such offers.
- Double check the payment link: Always verify the name of the merchant and the amount being authorized, especially when you input your second factor challenges to confirm transactions.
- Invest in a good anti-virus/ anti malware package: Lots of traditional antivirus software now come packaged with anti-malware/ anti-phishing technology that can help you detect unsafe links and known malicious threats. Use one and regularly update it – it’s worth every penny.
- Last but not least: Two-factor authentication (2FA) is your friend. Use it and be wary of websites that don’t utilize it. You can also track your activity with Transaction Alerts. Immediately contact your issuing company in case of unauthorized payments activity.
Do your due diligence and save yourself the hassle of trying to get back money you were scammed out of.
Safe travels and a happy vacation!
[1] https://www.merchantsavvy.co.uk/payment-fraud-statistics/