Bethany Alvaro 
The study analysed airline, hotel and travel-related posts on the dark web and found that major global and US-based airlines such as American Airlines, Southwest, Emirates, United, Alaska and Delta made up over half of all airline cyber crime discussion on dark web forums.
Loyalty program accounts are the assets most likely to be stolen or sold, with phishing scams being a primary method of accessing customer data, credentials and log-in details. Data breaches that expose wider customer base information is another method that cyber criminals commonly employ.
Once sensitive information has been obtained, this enables cyber criminals to book free, cashless and hard-to-trace flights under the accounts of travellers with hundreds of thousands of travel points worth thousands of dollars.
“The travel industry is a lucrative target for hackers due to the sensitive personal and financial data they handle. Our research shows that airlines continue to face data breaches and this stolen information has a thriving market on the dark web,” NordVPN chief technology officer Marijus Briedis said.
“Consumers should strengthen their account security, particularly during busy travel periods when scammers are most active.”
Airlines aren’t the only travel sector facing this threat, hotel scams are also taking off.
The report found that global hotel chain Marriott made up 35 per cent of dark web hotel mentions, alongside Accor, Hilton and IHG.
Once cyber criminals access customer data through similar scams used on airlines, high-value, sensitive data including names, email addresses and potentially passport numbers are at risk of being leaked and can sell for up to $3,000.
“The price of stolen databases isn’t determined by their volume. What drives the value are sensitive details like passport numbers, loyalty points or information linked to places or organisations that attract extra attention,” Saily CEO Vykintas Maknickas said.
“High-value data like this justifies much higher prices, which motivates cyber criminals to target companies in the travel sector more aggressively.”
Saily and NordVPN both warned travellers and customers to remain vigilant during this busy travel season and that simple cyber safety techniques like changing passwords and turning on multi-factor authentications is critical.
“Check your accounts before and after a trip. Traveling increases exposure simply because you’re accessing your accounts more and not always on trustworthy networks. Consider using a travel eSIM to minimise these risks,” Maknickas said.