Online Travel Site Scams

This is what can and is happening, when there is no viable 'Bricks and Mortar', in conjunction with accountable people.

In a major security breach, one of the world’s largest online travel agents (OTAs) has been targeted by scammers and forced to refund thousands of dollars to customers whose personal details have been stolen. About 10,000 consumers are affected.

The attack, involving Booking.com, the big OTA, is one of several high-profile online booking and travel site security breaches or scams in recent months involving OTAs, hotel loyalty programs and online tour sales firms. Hilton HHonors and Viator are among companies and programs to have fallen victim to hackers and cyber rogues.

Such attacks can undermine confidence in online booking. They also make consumers keener to deal with flesh-and-blood travel agents, people they can speak to, know and trust.

In the Booking.com case, guests booking hotel rooms unwittingly forwarded money to criminals who had obtained customer details. The crooks masqueraded as hotels, contacting customers online and using various pretexts to demand prepayment (a scam known as “phishing”).

The scammers got most details right: reservation numbers, names of guests and the correct logos. Customers fell for it, although a few smelled a rat and didn’t pay.

Booking.com, based in the Netherlands, is one of the biggest online travel agents, processing 700,000 room-night bookings in more than 200 countries each day, according to its website.

A company spokesman told the BBC that Booking.com had refunded customers but refused to say how much money was involved. The BBC quickly found one customer who had lost 1500 Canadian dollars (which Booking.com refunded) in a single booking.

Chief security officer at Booking.com, Peter Kornelisse, estimated about 10,000 people were affected. He told the BBC that Booking.com was on top of the problem, which was essentially a battle against organised crime. “We’ve made technical improvements in several areas.”

BBC’s Money Box financial program quoted Rik Ferguson from internet security firm Trend Micro, who tested the Booking.com system by registering as a fictitious hotel. Ferguson found he could access the system with a log-in and password.

He says if these log-in details were obtained, customer security would be compromised.

Booking.com insists it is not the victim of a data breach. It says criminals are obtaining customer details by sending messages to hotels to acquire guest details.

As cyber criminals become more sophisticated, so do online frauds and scams.

In a separate development, millions of Hilton HHonors rewards points are being stolen and sold online, traded in by scammers for gift cards and goods, according to UK-based global online tech publication The Register.

Apparently, points are being stolen through so-called “brute force” attacks that crack PIN codes, the Register reports. It says scammers on website forums apparently began trading Hilton HHonors points three months ago. “One eager scammer appeared to sell off 833,000 points for $20 worth of Bitcoins,” the Register said.

As tech site Skift points out: “Points aren’t just scores, and miles are more than distance travelled. Loyalty program credits are currency, every bit as good as cash; they were travel’s Bitcoin long before the e-currency was dreamt up.”

In September, Viator, the Australian-developed travel and tours provider acquired by TripAdvisor in August, notified 1.4 million customers of a data breach affecting its websites and mobile offerings that may have compromised customers’ credit and debit card numbers, email addresses, and other personal information.

Viator does not collect debit card PINs so these were not compromised, the company stated. Viator learned of the breach when its payment card service provider informed it about unauthorised charges on a number of customers’ credit cards.

Commerce infrastructure company Cellpoint Mobile comments: “For the travel industry, loyalty program-related fraud continues to be a growing threat; one that has the potential to weaken both company profit margins and customer trust.

“Schemes can come from a multitude of sources and in many different forms; including employee theft or rewards manipulation, member attempts to accrue rewards that do not belong to them, non-member account breaches, or even criminals, like the HHonors scammers, who hack accounts to steal rewards and sell them for their own profit.”

Written by Peter Needham November 2014

Booking through a travel agent is a better bet than booking online if you wish to avoid problems when arranging travel or while travelling.

Seven out of 10 Australians run into difficulties when travelling or preparing to travel, a survey by consumer group Choice has revealed. Over a quarter of those problems concern booking online – with hidden fees topping the list of peeves. http://www.tourismlegal.com.au/

The Choice (consumer review magazine) research was based on responses from a nationally representative sample of 1100 Australian travellers aged 18–75 who had travelled for leisure domestically (ever) and internationally (in the past 12 months).

Most commonly encountered travel problems were:
•Booking online (26%)
•Flights (24%)
•Transport (taxis, buses, trains) (19%)
•Booking with a travel agent (18%)
•Mobile phones (17%)
•Car hire (14%)
•Accommodation (14%)

For those who struck problems with booking online, 57% complained about hidden fees. Nearly 30% also struck difficulty fixing mistakes online and/or encountered technical website issues.

Booking with a travel agent caused problems for less than two out of 10 travellers, ranking it only as the fourth most common problem travellers encountered. Of those with gripes who booked through agents, 34% said they had difficulty fixing mistakes, 29% objected to hidden fees. Another 19% said they didn’t get quite what they paid for, such as preferred room types.
 

More recently, in the Paris terrorist attacks in November, travel agents contacted affected clients to adjust travel arrangements, keep them advised regarding airline announcements, insurance company advisory notices and other details. Travellers who booked online were caught unawares.

Likewise, during a sudden Lufthansa strike in September, travel agents working round the clock managed to get their clients to their destinations with little to no disruption. Travellers who had booked with OTAs, or direct with airlines, were left sitting at European airports, stranded and disgruntled. The same phenomenon has been noted during weather-related, and volcano-related, flight disruptions

Choice reminded its readers that “the compulsory licensing scheme for travel agents was abolished and replaced with a voluntary accreditation scheme called ATAS on 1 July 2014. The voluntary scheme provides some protections and recourse, such as full and partial refunds, if you are wronged.”

Choice advises consumers to do their research and find a reputable agent. “Agents with accreditation, such as ATAS accreditation, are required to meet minimal professional standards family and friends can also be a great source for recommendations.”

Of the 24% of respondents to the Choice survey who said they had struck some sort of problem with their flight, about half (51% ) said flights were either delayed or cancelled.

Choice advices travellers to obtain travel insurance that covers delays and cancellations. AFTA advises the same.