Dark web hackers moonlight as travel agents
If a travel deal seems too good to be true, it probably is.
Trustwave on July 21 detailed a type of threat actor it calls “Dark Web travel agents.” These are threat actors that use stolen credit cards, corporate portal credentials, loyalty program accounts, as well as forged identification documents, to book discounted travel for customers on darknet markets and message boards. In one example provided, an “agent” was offering 40% off Skyscanner flight rates and 45% off Booking.com hotel rates. While there’s obvious consumer risk here, this could also affect small to medium-sized businesses (SMBs) looking to cut costs, home workers, or employees tasked with finding their own travel options for business trips. And of course, the legitimate sites used to book fraudulent travel risk brand abuse.
Although the practice isn’t new, Trustwave said these operations have “expanded significantly” in the last two years as stolen personal data has become more widely available. This growth also coincides with the rise of automated attack techniques.
Read more at Dark Reading