These Are The Most Dangerous Travel Sites In The World

Hackers “aren’t taking time off”

About 38 million Americans will travel this Labor Day weekend, and some of them might fall victim to the most dangerous travel sites, according to DomainTools.

“Hackers aren’t taking any time off this summer,” says Tim Helming, DomainTools’ director of product management. “It’s prime phishing season. You should be on high alert for travel-related scams.”

Among the findings:

✓ Airlines had the largest number of high-risk domain names associated with their brand (American Airlines, for example, had 17 high-risk scams, with 12 of those being found on domain blacklists for malicious activity).

✓ Online travel agencies are the most frequently scammed, with just two sites exhibiting over 30 associated imitative domain names. DomainTools assigns each domain a risk score between 1 and 100. The higher the score, the higher the risk. Expedia and TripAdvisor had over 20 malicious domain names with risk scores of 100 associated with the brands.

✓ With both the airline and travel booking companies, scammers use common domain spoofing techniques, such as adding an extra “s” to the end of TripAdvisor.com or an extra “R” to unitedairlines.com.

The list of the most dangerous travel sites might surprise you. Although it includes a few online travel agencies, the airline industry dominates it. The research suggests that while there’s no quick solution, travelers can take better steps to prevent it. Consumers can take precautions when shopping for travel online, while companies can do more to increase their own security, according to DomainTools.

These are the most dangerous travel sites

To be clear, DomainTools isn’t calling any of these sites the most dangerous travel sites. It is saying that if you misspell one of the names, you could end up on a fraudulent site where criminals will try to rip you off. For obvious reasons, I’m not going to mention any of the high-risk domains by name or link to them from this story.

TripAdvisor

High-risk domains: 29
Why scammers like it: Because it’s TripAdvisor. Travelers search this site for hotel reviews, often typing the domain name to access it — but not always accurately. “Hackers are betting that consumers will be distracted,” says Helming.
What to look for: Variations of TripAdvisor, such as separating “trip” and “advisor” with a dash, or using an unusual top-level domain, like “.ga,” are common.

United Airlines

High-risk domains: 25
Why scammers like it: It’s an airline, and easily misspelled. Consider Jeremy Cooperstock’s long-running dispute with United over the domain Untied.com, a site so critical of the airline that it sued him to block it.
What to look for: Domains that contain United and “reservations” or “flight ticketing” are popular.

American Airlines

High-risk domains: 19
Why scammers like it: It’s the world’s largest airline.
What to look for: Criminals add terms like “voucher” and “cargo” to the domain name to make it more enticing.

Delta Air Lines

High-risk domains: 11
Why scammers like it: It’s a major U.S. carrier.
What to look for: The bad guys add words like “vouchers” and “tracking” to the word “delta” to make it more attractive to search engines — and victims.

Expedia

High-risk domains: 8
Why scammers like it: It’s big. “The largest companies are likely to be the most lucrative for scammers seeking to spoof domain names,” says Helming.
What to look for: Common misspellings, like “Expediaa” and “xpedia,” as well as exotic country top-level domains.

Southwest Airlines

High-risk domains: 7
Why scammers like it: Southwest has a reputation for generosity, from including a checked bag in its fares to reasonable fees (or none). That makes it a prime target.
What to look for: If the words “free” or “cheap” are in the domain, chances are it’s a phishing site.

Priceline

High-risk domains: 6
Why scammers like it: Priceline has long been a magnet for bargain-hunters. Scammers know that they might hook a few victims with a too-good-to-be-true deal.
What to look for: Creative variations on the Priceline name, including adding the words “home,” “flights” and “car rental.”

Alaska Airlines

High-risk domains: 4
Why scammers like it: Alaska is another popular airline for passengers who want a fair price without overpaying.
What to look for: Added words like “ticket” and “miles” set the fake domains apart from the real thing.

How to avoid the most dangerous travel sites

To understand how to avoid these sites, you need to take a deep dive into how DomainTools found the most dangerous travel sites. One of its applications, called PhishEye, flags high-risk domains. DomainTools also has a “proximity to known maliciousness” algorithm to ferret out scammy sites.

The process is fascinating. Once DomainTools identifies a potentially bad domain, it allows you to run sophisticated searches that can detect a single phishing operation across several sites. For example, DomainTools allows you to search by registrar name or IP address, to find out who’s behind a ruse.

The conclusion is inescapable: A vast network of sophisticated scammers are preying on you while you’re online, and particularly when you’re trying to make travel plans.

“Keep your guard up,” advises Helming. “Be aware that we are all potentially susceptible to phishing. You’ll enjoy that holiday a lot more when you know that you didn’t get taken in by a scam.”

He says travelers should practice a “healthy” paranoia about where they go online. His recommendations:

✓ Go direct. When booking travel, consider making a reservation directly through the airline instead of a third-party site. “It’s a safer alternative,” he says.

✓ Educate yourself. Stay up-to-date on the latest scams that circulate through the web. For example: avoid high-pressure tactics: “Book now” or “Only three rooms left” or “Sale ends tonight,” he says.

✓ Stay alert. “Don’t let summer distract you from keeping an eye out for sketchy domains,” says Helming. “Sign up for alerts from the company you booked through, so you’ll know when it’s legit.”

✓ Maintain your own blacklist. Flag “phishy” emails and send those straight to your spam folder. “And think before you click,” he says. “Hover your mouse over any suspicious domain names or links to find out if they’re who they say they are.”

What companies should do about the most dangerous travel sites

Corporate America is all but powerless to stop these fraudulent and dangerous domains, thanks to the open nature of the internet. Helming told me corporations are concerned mostly about their employees clicking on the fraudulent links. The companies can alert local law enforcement when they find a suspicious pattern — and they can work within the legal system to try to shut down the online criminals.

But it’s a cat-and-mouse game, with the criminals seemingly one step ahead of everyone else. Companies can’t protect their customers. And in my experience as a consumer advocate, when customers do fall victim to phishing attacks, corporate America often turns a blind eye to the victims. They tell their customers, “You should have known better.”

And until they find a way to shut down this sophisticated domain-spoofing and phishing operation, there really is only one thing to do: Be careful out there.

Very careful.

Christopher Elliott is the founder of Elliott Advocacy, a 501(c)(3) nonprofit organization that empowers consumers to solve their problems and helps those who can’t. He’s the author of numerous books on consumer advocacy and writes weekly columns for King Features Syndicate, USA Today, and the Washington Post. If you have a consumer problem you can’t solve, contact him directly through his advocacy website. You can also follow him on Twitter, Facebook, and LinkedIn, or sign up for his daily newsletter.