Booking Warning/Advisory for Tourism Operators

Scam Targeting Travelers

Tourism PEI has become aware of companies using tourism operators names and information to offer fraudulent bookings. Tourism operators are advised to watch for any "Phishing" activity and to report these incidents.

What is Phishing? 

Phishing is a method of trying to gather personal information using deceptive e-mails and websites. Typically, a phisher publishes a site disguised as a legitimate business. For example, the phisher may post operator information and include a link to request a booking. (So phishing is a form of "social engineering".) The publisher then requests a deposit or payment for a booking. However, the site is bogus, and the traveler can end up paying for a booking that does not exit, and personal data is captured by the phisher. The information may be used to commit various forms of fraud and identity theft, ranging from compromising a bank account to setting up multiple new ones.

Recommended Steps for Tourism Operators

1. Search for your business name on Google and other search engines.
2. Look for any sites where your business is listed, but you have no affiliation with.
3. Find the 'contact us' information on the website and email the site requesting that they remove your information from their site.
4. Submit complaints to search engines which 'may' result in the page not appearing in the search results if the search engine agrees with your complaint.
   • Google Report Phishing http://www.google.com/safebrowsing/report_phish/
   • Bing - Customer Support
   • Yahoo - Customer Support
   • AOL - Customer Support
5. Advise staff to be aware and to recognize the dangers of phishing.
6. Follow recommendations and advice in resources listed below.

Resources

• How you can stay safe and secure online - Google
• 5 tips for staying safe online http://www.google.ca/goodtoknow/online-safety/

The Canadian Anti-Fraud Centre provides helpful information for consumers about these prize offers and how to report these incidents.

RCMP offers tips to avoid email fraud and phishing. http://www.rcmp-grc.gc.ca/scams-fraudes/phishing-eng.htm

Anti-Phishing Working Group (APWG) located at: apwg.org Features a text box in which to copy and paste the contents of the suspicious email you have received, including the header as well as the body of the message. Along the sidebar of the websites, there are additional links of information to learn about phishing scams.

Additional links:

• Anti-Phishing Working Group
• Canadian Anti Fraud Centre
• Microsoft Security at Home
• How to report phishing
• RCMP Reporting Economic Crime Online (RECOL)