If you guessed social media, congratulations. It topped the latest Agari Email TrustIndex, which measures the adoption of essential email authentication standards across several industries. It revealed the pains to which social networking companies like Facebook and Twitter go to prevent fraud. Given that these online communities are built on trust, no one was really surprised.
But how about the lowest score? That didn’t come as a shock to me either, since I spend a good part of my consumer advocacy practice swimming in its waters. But it might surprise you.
While social media companies earned a respectable score of 73 out of 100, travel only managed to score a 17. (That’s up 15 percent from the previous quarter, but still — 17 percent? You’d get that for filling out your name correctly on a test.)
Why? Travel is an easy target and we are willing victims. Phishing scams proliferate, and despite the industry’s efforts, it will probably continue to be hit hard, according to the survey. “Cyber-terrorists will return to target the travel sector and when they sharpen their phishing attacks against travel leaders, many may be left stranded on the tarmac,” Agari concludes in its report.
Wouldn’t it be useful to know how to handle the travel industry’s fraudulent emails? You bet.
No, they’re not giving away free tickets to the first thousand “likes.” Some of the most frequently-repeated email scams, like the fake Instagram account that promises you a “free” ticket for liking it, work so well that they continue to be recycled. It’s impossible to know where the next scam will come from or what it will look like. But it’s a safe bet that it will offer something that’s too good to be true, like a ticket in exchange for a “like” or “follow.” Don’t fall for it. Like only the things you really like — and know.
It’s all fun and games until someone asks you to wire money. The most accomplished scammers in travel aren’t going for your personal information, which is exactly what they’re hunting for with a “like” scam. No, they want your cash wired to them directly, if possible. Some of the phishing scams I’ve seen are incredibly sophisticated, and many of my friends who should really know better have fallen for them. The best way to prevent it? Never follow an email link to a page that demands your login credentials and never, ever wire money to anyone.
Don’t lose your mind when it comes to frequent flier miles. Scammers know that when it comes to email, the fastest way to get you to release personal information is to dangle the promise of “free” miles in front of you. It works for two reasons: Award points are often given for “free,” but it’s also like catnip for frequent travelers. It makes them irrational. Repeat after me: miles are earned, and they’re meant to be burned quickly, not stockpiled. A criminal may try to short-circuit your common sense with a generous, but fraudulent, mileage offer. Just say “no.”
Bottom line: email scams in travel work not just because travel companies can’t get their act together. They work because we let them work. So a little dose of skepticism about the latest come-on from an airline, cruise line or hotel may take you a long way.
As the folks at Agari note, email security is everyone’s problem. It’s not a question of if you will be a victim of a phishing or email fraud attack one day, but when.