Frequent fliers get all the perks—and all the attention from cyber criminals, apparently. United Airlines, American Airlines, and Park-n-Fly have all reported breaches in the past few days, pointing to an emerging trend of attacks targeted specifically at travelers.
Travelers can be an easy mark for cyber criminals, because they're inherently off-guard and in unfamiliar situations. “Consumers may be somewhat easy targets, as we often cut corners protecting ourselves, fueled potentially by an urgency to complete tasks, travel-related stressors, and sleep deprivation," explained Trey Ford, global security strategist for Rapid7. "Given these considerations, consumers have a tendency to favor time-saving behaviors like password re-use, while stress, distraction and exhaustion raise our susceptibility to phishing campaigns.”
Travelers and travel-related companies and programs are particularly valuable targets, too. Individuals who are vigilant about guarding and monitoring bank and credit card information may not consider things like frequent flier miles to be worthy of heightened security. Those miles and customer rewards, however, do have value and can be traded for goods and services. They offer cyber criminals an easier target than banks and credit cards, while still being relatively easy to monetize.
“Going after frequent flyer miles, Candy Crush gold, or virtual swords and armor in World of Warcraft may seem like a surprising tactic for attackers, but for them it's an efficient way of monetizing low-hanging fruit attacks, such as phishing and credential theft,” explains Jon Oberheide, co-founder and CTO of Duo Security.
The second factor is that many travelers—especially the most frequent travelers—are generally traveling on business. That means they’re using corporate credit cards, which often have higher limits than personal credit cards.
There is one more thing of value attackers can obtain from these frequent travelers: personal information. These companies and programs generally include names, addresses, email addresses, phone numbers, and other sensitive information that attackers can use to steal the victim’s identity.
It’s important for businesses to monitor for failed logins as well as fraudulent successful logins. Failed logins are a strong indicator of an attempt at unauthorized access. Of course, the real damage comes when an attacker logs in successfully. Perhaps the username and password credentials have already been obtained from a different breach, and the attacker is able to waltz in and raid the proverbial cookie jar.
There are steps you can take to protect your accounts and information. “When making transactions especially with less sophisticated vendors," recommends Rob Shavell, CEO of Abine, "try to minimize not just financial info, but to give out less personal details, as these can be used for more sophisticated identity theft schemes at other places.”
Rapid7’s Ford suggests that travelers take a few minutes to replace re-used passwords and double-check travel loyalty balances as well: “Re-using passwords is dangerous. We’ve all been warned about the risks of using the same password for different websites, and yet we still do it,” stressed Ford.
Cyber criminals aren’t usually very discriminating. They’ll go after whatever requires the least effort. It seems that travelers, and the customer loyalty and frequent flier programs they use, have become a new target of choice.