Hotel scams: What travellers need to look out for when booking online

A video warning travellers of a costly and "dangerous" hotel scam went viral on TikTok this week.

The dupe centres on a family who were allegedly conned out of more than $6500 ($CAD6000) when they ordered room service from a fake hotel menu, unknowingly sharing debit card details with a criminal.

"It turns out, the room service menu that they actually ordered from was slid under the door," Toronto-based TikTok user Ali Koca concludes in the video.

Despite many online critics poking holes in Koca's footage, which is light on specifics and appears to use stock imagery, the cautionary clip garnered more than 1.9 million views.

Australians lose $2 billion a year to scams, and online scams in particular have surged across the world during the COVID-19 pandemic as consumers take more of their spending online and hackers take advantage of confusing new COVID protocols.

But hotel scams are more likely to occur before you even arrive at a property.

UK bank Lloyds recently issued an urgent scam warning to Britons following a spike in holiday booking fraud leading into the northern hemisphere's summer, which saw travel scams increase by 33 per cent, and hotel scam reports by 18 per cent since last year.

Pete Murray, managing director of ANZ ransomware resilience and data backup company Veritas Technologies, said that, as with the UK, he expects to see these scam case numbers rise in Australia in the lead-up to summer.

"Over the holiday season in 2022, we expect to see a rise in scammers sending emails pretending to come from hoteliers and travel companies directing holiday makers to fake COVID verification sites that are there to steal their information and infect their computers," he says.

Advertisement

COMMON HOTEL SCAMS

Murray said that with most Australian travellers now booking and paying for holidays online, they're seeing a surge in scams targeting travellers.

"Scams often seek to get personal information such as birthdays, bank details, or other valuable confidential data. Unfortunately, many of these details are required when booking flights and hotels, making the travel industry a prime target for data breaches," says Murray.

Among the more common scams are fake hotel booking confirmations, tracking emails and bogus hotel sales deals.

"Millions upon millions of customer details have been stolen from international hotel chains globally over the past five years and hackers are already able to use these to send emails pretending to come from hotel companies," Murray noted.

"We're also seeing new fraudulent tactics, such as fake stores advertising hotel accommodation via social media."

Global COVID protocols, such as COVID testing and proof of vaccination, are also being manipulated by hackers to target hotel guests.

"Hackers can use the unfamiliarity of these processes to confuse holiday makers into sharing personal data and downloading dangerous malware, such as ransomware, onto their devices," Murray said.

Adam Glezer, owner of independent advocacy company Consumer Champion, says booking hotels via third-party online travel agencies can also come with a risk.

"The main issue is you've got to navigate two sets of terms and conditions – the hotel and the booking website," Glezer says.

Consumer Champion also cited a recent court ruling in which online travel agency Trivago was fined $44.7 million for misleading Australian consumers into believing they had the best accommodation rates.

"Trivago were telling Australians that they were offering the best hotel deals, when the majority of the time they were promoting the hotels that paid the most per click," Glezer said.

"If you book directly, the chances of encountering issues are lowered dramatically. There are no guarantees that the third-party company is going to be fully transparent and actually offer you the best rate."

SO WHAT CAN YOU DO?

  1. The Australian Competition and Consumer Commission (ACCC) advises contacting your bank or financial institution if you've lost money to a scam; they may be able to find where the money was sent, block the scam accounts and help others to avoid sending money to scammers.
  2. Practice good cyber hygiene habits, including: making sure the site is secure before payment, checking that the URL has a small lock visible in the search bar before providing your personal information, and ensuring the URL starts with 'https//' (with an 's' for 'secure').
  3. Conduct a verification checklist that includes: checking the website URL, hovering your mouse over any email links to ensure it leads where you'd expect before clicking, and verifying the validity of any requests for payment.
  4. Australian banks also encourage customers to use secure payment tools, such as BPay and PayID, which can show customers who they are paying before they pay and reduce the chances of being scammed.

Comments