Travel Websites Are A Phisher’s Paradise

A new study finds most airline and hotel brands fail to take basic precautions to protect customers from phishing emails.

Travel Websites Are A Phisher’s Paradise

Is your favorite airline or hotel doing enough to protect you from email scammers? A new study argues they aren’t, and that many companies don’t even take basic precautions.

Agari‘s TrustIndex report, released earlier this week, claims travel brands lag far behind social networking services, banks, and logistic companies like UPS and the USPS in protecting users from email attacks.

Agari, a security firm that specializes in anti-phishing services for large brands, ranked industries based on successful attacks that took place against consumers, offering authentication standards for customers, and adoption of DMARC. The report claims Delta has made notable strides in protecting customers against phishing attacks this year, but singles out American Airlines, SkyWest, and JetBlue for failing to deploy authentication standards for emails.

Authentication standards, although somewhat difficult to implement, allow brands to make clear to customers that their email communications are authentic. Although they are not foolproof, not adopting authentication standards makes it easier for spammers and con artists to pass off phishing emails as real airline tickets and tech support tickets.

[Image: Wikipedia user FoxR]

About the author

Based in sunny Los Angeles, Neal Ungerleider covers science and technology for Fast Company. He also works as a consultant, writes books, and does other things.



More Stories