Phishing: in summer, we wear different clothes, but the risks remain the same

Security Awareness
28 July 2022
phishing estivo
Leopards do not change their spots. Never let your guard down

After another difficult year of restrictions, bad news, challenging choices, and entire days often spent at home in front of the computer, it’s hard to resist the call of the summer holidays. The desire to leave first began to take shape around spring, when the days became longer, the air warmer and the colours more vivid. It became urgent when the heat started to take your breath away. So, we found ourselves daydreaming of crystal-clear, glassy seas, unspoilt beaches, cool mountain forests or, simply, places where we could switch off all our worries and reset our schedules while enjoying some time to ourselves.

However, this is precisely the state of mind in which the first tempting online offer can become the most irresistible siren song that leads us straight into a beautiful trap.

A perfect breeding ground for cyber criminals, always alert to our behaviour and weaknesses.

Online shopping reigns supreme in summer

More and more Italians are choosing to buy their holidays, or certain services related to them, online. According to ISTAT, 66.5% of users (over 7 out of 10) book a holiday exclusively online. Because it’s convenient, it’s faster, it makes us feel more autonomous in our choices, and it makes us feel confident that we have made the best choice for us.

But that’s not really the case.

According to the latest data, spam focused on travel and holidays hit hard in all countries, with a high incidence in the US (37%), Ireland (18%), India (12%) and the UK (9%).

According to a survey conducted by Ermes – Intelligent Web Protection, phishing sites had already increased by more than 20 per cent between April and May to around 50 per cent in mid-July specifically for the “travel” segment.

In short, phishing never goes out of fashion, but it too has its seasonality and follows the trends of collective attention, going from health emergencies, to war, to e-commerce and holidays at a time when everyone is mainly thinking about relaxing and unwinding.

Trendy phishing themes

Online bookings for airline tickets, overnight stays, cruise trips and visa applications end up in the crosshairs of cybercriminals, who never sit back and take things easy.

As far as Italy is concerned, even though it does not rank among the leading countries in terms of the number of summer scams, it is certainly not risk-free, and the experts’ advice is never to let your guard down. Always keeping in mind the data reported by the Italian Postal Police, from the comparison between the first four months of 2022 and those of 2021 phishing attacks were up 103%..

The goal of cybercriminals is always the same. To obtain credit card details, and steal sensitive information or digital identities.
This risk does not only affect individual consumers but also institutions and companies, as more and more people make their holiday bookings through the devices provided by the organisations where they work.
The procedure is always the same: the unwitting user will fill in the various documents requested by the criminals, providing, without their knowledge, credit card details and other sensitive and confidential information. Of course, not only will they not receive any services, but they will also see unfamiliar debits on their account, and their data will be used for future malicious campaigns.

On the subject of travel and holidays, this year also saw an increase in fraudulent messages designed to transmit trojans that can compromise the device and its integrity when downloading the attachment (fake receipt or payment order).

How can we defend ourselves?

Digital behaviour that can help us avoid this kind of scam exist and must always be kept in mind.

For example, it is always advisable to:


      • use well-known and reputable platforms and finalise the payment via the original platform or app

      • verify the address of the establishment through other channels, for example, Google Maps

      • before making any payment or booking, search online for other information or reviews submitted by other users regarding that establishment or service

      • be wary of the message if we notice strange grammar or spelling errors in the text

      • avoid making economic transactions by bank transfer or crypto, it is better to use credit cards or PayPal, systems that are more accessible in the event of disputes

      • never give your credit card details over the phone, and certainly be wary of tourist offers at bargain prices, perhaps presented with beautiful photographs.

    Despite all these precautions, however, it must be borne in mind that cybercrime is constantly evolving and avoiding its pitfalls is an increasingly difficult task. Unless our digital preparedness and posture are continually aligned with cyber crime trends. This, however, requires continuous and up-to-date cyber security awareness training that can put us in a position to deal with the best hidden pitfalls of the Internet and turn us into real cyber scam sleuths. Only in this way can we be truly sure that we will not fall into the darker traps of the web, saving us a lot of hassle as well as wasting time and money.


    Articoli correlati

    I’ve been swindled, now what do I do?

    I’ve been swindled, now what do I do?

    Steps to take in case you fall victim to online scams. "I've been swindled," is the phrase none of us would ever want to think of uttering. Yet we know that the risk of falling victim to online scams is becoming higher and higher, and that this is something that, as...

    read more