CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 16, 2026

Planning a trip? Fake travel sites are multiplying this summer

Help Net Security Archived Jun 16, 2026 ✓ Full text saved

Cyberattacks against hospitality, travel, and recreation organizations rose 24% year over year, reaching an average of 2,291 incidents per organization each week in May 2026, according to Check Point. (Source: Check Point) “The sector has more than doubled its attack volume since May 2023,” researchers noted, reporting a cumulative increase of 122% over three years. According to the report, 47,318 travel-related domains were registered in May 2026, a 33% increase from the previous month. One … M

Full text archived locally
✦ AI Summary · Claude Sonnet


    Sinisa Markovic, Managing Editor, Help Net Security June 16, 2026 Share Planning a trip? Fake travel sites are multiplying this summer Cyberattacks against hospitality, travel, and recreation organizations rose 24% year over year, reaching an average of 2,291 incidents per organization each week in May 2026, according to Check Point. (Source: Check Point) “The sector has more than doubled its attack volume since May 2023,” researchers noted, reporting a cumulative increase of 122% over three years. According to the report, 47,318 travel-related domains were registered in May 2026, a 33% increase from the previous month. One in every 112 newly registered domains was already classified as malicious or suspicious. “Many others remain dormant for now, waiting to be activated as summer traffic peaks.” Check Point identified three coordinated bulk-registration operations during April and May. One involved more than 210 sequentially numbered hotel-themed domains using naming patterns such as hotel-stay[N].com and stay-hotel[N].com. Another referenced American Express and Lloyds Travel Choice, combining terms such as “happytrip” and “travelchoice” on .ink domains. A third targeted the Fora Travel brand through 108 top-level domains, including .cruises, .miami, and .international. The researchers also uncovered phishing sites masquerading as Booking.com, Airbnb, and Skyscanner. One Booking.com-themed operation used fake login pages to steal credentials and payment card details, while an Airbnb-themed site targeted travelers planning trips to Canada with listings for destinations such as Montreal, Toronto, Vancouver, and Banff alongside imagery of the Canadian Rockies. “The people behind fake booking sites plan around the summer surge just as carefully as legitimate businesses do, and they are ready well before most travelers start searching,” researchers concluded. More about Booking Check Point fraud hospitality industry research scams survey travel industry Share
    💬 Team Notes
    Article Info
    Source
    Help Net Security
    Category
    ◇ Industry News & Leadership
    Published
    Jun 16, 2026
    Archived
    Jun 16, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗