-
Marnie Wilking, Booking.com’s Chief Security Officer – Image Credit Phocuswire
- The travel industry faces increased cybersecurity threats, with phishing and credential stuffing on the rise.
- Experts emphasize the need for enhanced prevention, detection, and education to safeguard customer trust.
The travel and hospitality industry is increasingly becoming a target for sophisticated cybersecurity attacks, partly due to its inherent nature and the rise of artificial intelligence (AI). At the Phocuswright Europe conference in Barcelona, experts discussed the growing threats and the need for robust security measures.
Marnie Wilking, Booking.com’s Chief Security Officer, highlighted how scammers often pose as customers to exploit hotel systems, potentially infecting them with malware or taking over accounts. Conversely, hackers might impersonate travel companies to solicit payments fraudulently. Lorraine Sileo, a senior analyst and founder of Phocuswright Research, noted that the industry’s foundation on trust makes it particularly vulnerable to such attacks.
Phishing remains a prevalent threat, significantly increasing incidents since late 2022. Wilking attributed this rise to AI tools like ChatGPT, which enable attackers to craft more convincing phishing emails across multiple languages with fewer grammatical errors. Another growing concern is credential stuffing, where attackers use stolen email-password combinations to access various online accounts. These credentials are often sold on the dark web, exploiting the common practice of password reuse.
Wilking also pointed out the threat of nation-state attacks, which have evolved from espionage to targeting smaller companies to infiltrate larger partners. As these threats multiply, the conversation at the conference emphasized the importance of prevention, detection, and education to protect guests and maintain trust.
The discussion also explored how AI is being leveraged to combat cybersecurity threats, offering insights and tips for travelers to safeguard their information. The session underscored the critical need for the travel industry to adapt and enhance its security strategies in response to the evolving landscape of cyber threats.
Watch to the full conversation below:
