You are viewing 1 of your 2 free articles
Cyber experts warn of heightened summer risk
The recent spate of cyberattacks on UK retailers has led cyber experts to warn of a heightened risk to travel companies and consumers as the summer approaches.
Emily Taylor, co-founder of Oxford Information Labs (Oxil) and the DNS Research Federation and now part of the Global Information Exchange (GSE) on cyber threats, said: “We see a huge uptick in travel threats in May to July.”
She noted hackers and scammers “tend to get their hooks into one brand and then go across a sector” and warned: “So many different businesses are involved in travel. There is no reason to think it won’t be affected.”
More: Social media making up half of £11m holiday fraud, police warn
Travel fraud on rise despite efforts to counteract criminal activity
Marks & Spencer was hit by a major cyberattack in April which continues to disrupt its business. The Co-op was subsequently targeted, as was Harrods, and this month a supermarket supplier was attacked.
Taylor identified travel as among the 10 sectors most-targeted by cybercriminals last year, with Airbnb, Booking.com and Emirates among the six most-targeted brands across all sectors.
Oxil and DNS Research partnered with Google and the Global Anti‑Scam Alliance to launch the Global Information Exchange as a ‘clearing house’ for cyber threats last October.
The exchange has already logged 230 million ‘threats’, according to Taylor, who reported “thousands and thousands of attacks on travel companies just in the last 14 days”.
Travel fraud methods
Attacks range from fake links in WhatsApp messages to false websites and fake businesses, malware, phishing, ‘cloaking’ (fake content) and spam.
She noted research suggests consumers feel reassured by well‑known brand names and said: “Impersonating organisations is often the way scammers go in, deploying brands people recognise.”
Taylor added: “Domains and links involved in fraud have a life of four to six hours. But time spent dealing with these runs into days, weeks and months.
“Rapid response is part of the toolkit. We pull this information together to enable players to take action. We hope to break the cycle of cybercrime just increasing.”
Her co-founder Lucien Taylor said: “It is clear local police forces are overwhelmed and have no tools to deal with online scams. We’re trying to prevent fraud happening.”
Barry Gooch, chair of Prevention of Fraud in Travel, said: “There are lots of ways of committing fraud in travel. If this helps stop some fraud, it will be helpful.”
He added: “There is a calendar of when different types of fraud occur. It depends on the type of fraud. But we only see what is visible.”
Emily Taylor suggested there has not been sufficient sharing of information up to now “because of misunderstandings about what data protection means”. She said: “Privacy laws don’t prevent sharing data on cybersecurity.”
The UK Information Commissioner’s Office advice to businesses states: “The UK GDPR and Data Protection Act 2018 do not prevent you from sharing personal information where appropriate . . . to support scam and fraud mitigation.”
The GSE is a non-profit organisation, and Taylor said: “We would welcome travel sector partners to use the threat intelligence. They can inform themselves of the threat landscape for their brand and share data they have on scams.”
More information: GSE.org
Related Content
Related Content
Jacobs Media is a company registered in England and Wales, company number 08713328. 3rd Floor, 52 Grosvenor Gardens, London SW1W 0AU.
© 2025 Jacobs Media
