AI scams targeting travellers in Malaysia

A report by the chief information security officer of a leading online travel website, Booking.com, has noted a sharp rise in global phishing attacks targeting the hospitality sector.

2024-07-01_091316.jpg

Thematic image. Using AI, it said scammers create realistic emails to trick people into divulging sensitive data like credit cards or personal information. PHOTO: UNSPLASH

July 1, 2024

PETALING JAYA – Stronger regulation and protection is needed with the alarming rise of scams powered by artificial intelligence (AI) targeting hoteliers and travellers, say industry players.

Malaysia Budget & Business Hotel Association president Dr Sri Ganesh Michiel said although such cases are rare in Malaysia following close cooperation between hoteliers and online travel agencies (OTA), it is still a cause for concern.

He highlighted the urgent need for government intervention in regulating OTAs, including Airbnb operators, many of which are based overseas.

“There must be clear procedures for collecting personal information for domestic and international travel bookings to thwart fake reservations, fictitious accommodations, and phishing schemes facilitated through malicious APK downloads and external links.

“For example, one should not be allowed to register or make a booking using fake names before verifying his identity.

“Regulation is crucial to prevent data abuse and ensure customer safety. Measures like strict policies on links and two-step identifications are being implemented by Booking.com to enhance security.

“There is a need for laws and regulations to control online platforms and consumer behaviour,” he said.

A report by the chief information security officer of a leading online travel website, Booking.com has noted a sharp rise in global phishing attacks targeting the hospitality sector.

Using AI, it said scammers create realistic emails to trick people into divulging sensitive data like credit cards or personal information.

“For Booking.com to raise the alarm, it means it’s a dangerous trend, as AI can learn and get smarter.

“The platform’s warning underscores the evolving capabilities of AI and the diverse methods perpetrators can exploit to deceive and compromise individuals making travel bookings,” Sri Ganesh said in an interview yesterday.

He noted that except for some individual operators, hoteliers in Malaysia have been working closely with travel platforms like Booking.com and Traveloka and it has helped to address issues effectively.

“The coordination and sharing of information among industry stakeholders have improved to prevent and mitigate scams.

“We are always taught the latest trends and tactics and how to spot possibly fraudulent emails before clicking on any link.”

Malaysian Association of Hotels president Datin Christina Toh said that smaller players may be more vulnerable to scams as large international chains have the tech and cybersecurity support systems in place to handle these challenges.

“Nonetheless, these companies usually have mechanisms to detect and prevent such incidents, including working with their system providers.

“Hotels usually work collaboratively with platforms like Booking.com to identify and address such issues.

“That’s why frequent training and education of hotel staff on the telltale signs of scams is a regular practice to strengthen defences,” she said.

Toh noted that the rapid response capabilities of OTAs are vital in managing these problems, making close cooperation between OTAs and hoteliers essential for maintaining online security and trust in the industry.

Such support is crucial to helping these smaller entities manage and potentially circumvent cyber threats effectively,” she said.

Malaysian Tourism Federation president Datuk Tan Kok Liang recommended proactive steps for travel operators to protect against AI-enabled phishing scams such as providing employee education and training.

“Customers should also be informed about potential scams and taught how to verify the authenticity of communications from the business,” he added. Tan said that establishing secure communication channels is also critical to safeguarding business interactions, and installing robust cybersecurity tools would also help protect against digital threats.

“Finally, conducting regular security audits will help identify and address vulnerabilities, enhancing safety and confidence in online transactions,” he said.

scroll to top