Don’t let this happen to you before your next trip.
getty
Forget lost pockets and luggage. The biggest threat to your next vacation may lie in Internet slumber.
“Anyone can be a potential victim,” warns Seth Ruden, director of global consulting at BioCatch, a biometrics company. “But frequent travelers are potential targets, as travel rewards, airline miles and other payment details stored in travel accounts can be lucrative and easily monetized.”
People are concerned about cyber security more than ever. In fact, a recent study by Travelers Insurance found that 62 percent of respondents were concerned about online security—the highest level in 11 years. (Travelers polled business owners, but other surveys show their concerns are more broadly reflected.)
What are the cyber threats to travelers in 2025?
There are a variety of cyber threats travelers face, from phishing scams designed to steal personal information to fake travel sites and rental listings that leave victims stranded and financially drained. Check Point Research, a cybersecurity firm, says in 2024, it says 1 in every 33 newly registered holiday-related domains were malicious or suspicious. According to the company, this category included phishing sites impersonating Booking.com, Kayak and other popular travel platforms.
“Threat actors now have the capabilities to identify and target mobile devices, deliver malicious code to devices, log into a device to track your location, activate your device’s microphone, and eavesdrop on messages,” it says. Frank Harrison, Americas regional security director at World Travel Protection. “Adopting cybersecurity measures that focus on risk mitigation is critical to protecting travelers and their data.”
Abhishek Karnik, head of threat research at McAfee, says there are two places where travelers are particularly vulnerable: while they’re booking and while they’re traveling.
“Travelers should stay alert,” he says.
But how?
Practice good internet hygiene
As technology continues to become more deeply integrated into our travel experiences, the risk of cyberattacks when booking travel online or accessing unsecured networks in foreign countries is a real concern.
Peter Hamdy, managing director at Auckland & Beyond Tours, says you need to be on the lookout in 2025.
“From my extensive experience in the travel industry, I can tell you that one of the most significant risks is likely to be the evolving landscape of cyber security threats,” he says.
So take care of your online hygiene – that is, change your passwords often, enable two-factor authentication, don’t click on any phishy links, and never give your password or login codes to a third party. You can also use a travel insurance app to stay safe.
Use a VPN
A virtual private network (VPN) can keep you safer, says Joe Cronin, CEO of International Citizens Insurance.
“Travelers are always looking for free Wi-Fi, but many of the public networks you can connect to are insecure and put your personal data at risk,” he explains. “I always recommend that travelers use a VPN to secure their phones or laptops when using public Wi-Fi.”
Be careful who you trust
One of the most common social engineering threats while traveling is impersonation fraud. Attackers can pose as hotel staff, tour guides, or even fellow travelers to gain access to personal information on your devices, according to McAfee security expert Karink.
“Always verify the identity of individuals before sharing any sensitive information or handing over personal items,” he adds.
Beware of phishing
Phishing – sending emails that impersonate a reputable company to get you to give up personal information – is getting much more sophisticated.
“Travel is a prime opportunity for a fraud campaign,” warns Rishika Desai, a threat researcher at predictive security firm BforeAI. “Many are looking for a deal during a time when prices are particularly high. And cybercriminals are imitating well-known and legitimate brands.”
The fix? Never click on an email and follow a link from a source you don’t know. Always go directly to the company’s website to verify any travel offer.
Beware of AI
Artificial intelligence has given cybercriminals the tools they need to pull a fast one on even the most sophisticated travelers.
“AI can build compelling websites, create more natural language and even generate fake reviews,” says Cache Merrill, CEO of Zibtek, a software developer. “Everything looks a lot more legitimate with AI-driven technology, and people are falling for it.”
Although AI is making it even more challenging for travelers to distinguish legitimate offers from scams, artificial intelligence is not perfect. With a little practice, you can spot AI-generated text, photos, videos — and fake travel offers. Or you can just take a shortcut: If an online offer seems too good to be true, it probably is.
Do this to protect yourself online
Perhaps the best advice is to leave nothing to chance. Unfortunately, travelers are just embracing it, according to recent research. Only about two in 10 business travelers say they are required to take a training course on how to improve cybersecurity, according to a recent survey by Opinium Research.
“Do your research and make sure you have a plan for any potential problems that may arise,” says John Gobbels, chief operating officer of Medjet’s air medical transport and travel safety program. “It’s always more stressful in the moment and easier if you have backup systems or plans.”
There is also support for cyber security, which protects travelers against unforeseen events. For example, BOXX Insurance and World Travel Protection recently released cybersecurity assistance for business travelers that monitors emerging digital risks and helps them anticipate and prevent potential threats and fraud. This type of support may soon be available for leisure travelers as well.
The golden rule of travel has always been to expect the unexpected. In 2025, that means anticipating and preparing for the growing threat of cybercrime. By doing this, you can ensure that your adventures are defined by joyful discoveries – not digital disasters.
ᐧ
