August 14, 2018
ThreatMetrix Warns of Mobile Fraud Risks and Stolen Identities in Use During Summer Travel and Ticketing Season
Posted May 28, 2015
As More Consumers Turn to Mobile Devices to Book Travel and Purchase Tickets, ThreatMetrix Outlines Cybersecurity Strategies to Stay Protected
San Jose, CA – May 28, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announces several cybersecurity risks associated with the summer ticketing and travel season. Throughout the heightened travel season, individual mobile app usage will be on the rise, which can lead to an increase in mobile app fraud.
According to a recent survey by Orbitz.com and the University of Wisconsin, more than two-thirds (68%) of Americans plan to take at least one vacation this summer, with an increasing number of consumers booking hotels and flights online and via mobile devices. In fact, travel-focused research firm PhoCusWrite estimates mobile travel apps will account for one-quarter of all U.S. online travel sales this year – driving more than $40 billion in revenue – much of which will be generated during the peak travel booking season of July and August.
“While mobile devices are considered more secure than desktops to a certain degree, mobile apps on these devices can be a mess at times, so consumers must exercise caution when booking travel or purchasing tickets via these apps,” said Andreas Baumhof, chief technology officer at ThreatMetrix. “As most hotel chains, airlines and ticketing companies have developed their own mobile apps, banks often do not have a holistic view of fraudulent activity across apps – and cybercriminals see this as an opportunity to compromise mobile apps for personal or financial gain.”
Given the increase in online and mobile transactions surrounding summer travel and ticketing, consumers must be aware of several risks and make efforts to stay protected. These include:
- Downloading fraudulent apps – With nearly every hotel chain, airline and ticketing company having its own mobile app, cybercriminals can easily seize this opportunity to create fraudulent apps that look authentic to the everyday consumer. Threats associated with fraudulent apps include malware and offer cybercriminals access to personal information stored on devices. To avoid these threats, consumers should only download official apps from the app store – not a third-party source.
- Accessing public Wi-Fi – Today, consumers constantly have their mobile devices on hand and often do not hesitate to jump on a public Wi-Fi network at a coffee shop, airport or other location to save on their mobile data usage. However, consumers must limit the sensitive information they access on public Wi-Fi networks – such as banking and financial information, as these networks are often compromised by cybercriminals. Fraudster can intercept an individual’s connection on public Wi-Fi to steal personal information or install malware.
- Purchasing tickets from third party sources – Each year, more than five million Americans purchase fraudulent tickets to concerts, sporting events and other leisurely activities. This risk is exacerbated by the increasing use of marketplaces such as Craigslist. To stay protected, be wary of purchasing tickets from untrusted third parties, classified ad sites or scalpers and be sure to only purchase tickets from official event websites or approved resellers.
- Storing personally identifiable information (PII) – A key reason many consumers use mobile devices is because it’s easy to store PII – such as names, email addresses and credit card numbers – to return to an e-commerce website or online bank and make a repeat purchase. However, given the recent influx of data breaches, totaling 783 in 2014, stolen consumer identities are often used without the individual’s knowledge. Therefore, consumers should limit the amount of PII stored on mobile devices – even if it means spending a few extra minutes to make a mobile transaction.
“In light of recent high profile data breaches, hotel, airline and ticketing companies need an understanding of how stolen identities are used in order to differentiate between fraudulent and authentic activity, which can be done by leveraging global shared intelligence,” said Baumhof. “Cybercriminals attempt to use stolen identities for activity such as credit card fraud, phishing and online transactions – and often sell stolen identities to underground crime rings. Shared global intelligence acts as a type of personal digital guardian that works and keeps consumers’ identities protected against getting burned by fraudsters in the summer months and year round.”
While consumers must do their part in prioritizing cybersecurity when attending major events or traveling this summer, vacation and ticketing businesses must also work to protect customers by differentiating between good and bad actors across all online and mobile transactions. By leveraging a global trusted identity network such as the ThreatMetrix Digital Identity Network, businesses have access to real-time intelligence and protection via a persona-based profile which safeguards consumers’ information, protecting them against fraudulent activity and creates a strong digital assessment on a global network. This enables consistent risk assessments of data and creates a digital persona of users by mapping their online behaviors and devices to effectively differentiate between authentic and fraudulent online activities.
- ThreatMetrix Announces World’s Largest Digital Identity Network at RSA Conference
- eBook: ThreatMetrix Cybercrime Report: Q1 2015
ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time, customer-driven analytics platform. These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.
ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix Digital Identity Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.
© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.
Walker Sands Communications