Avoid scam ho­tel bookings

Pay at­ten­tion or pay the price. That’s the bot­tom­line on an on­line ho­tel-book­ing scam that’s re­cently caught the at­ten­tion of a U.S. se­na­tor who has asked the Fed­eral Trade Com­mis­sion to look into th­ese in­sid­i­ous schemes.

Los Angeles Times - - TRAVEL - Have a travel dilemma? Write to travel@la­times.com. We re­gretwe can­not an­swer ev­ery in­quiry.

This isn’t a new hoax, but it has re­cently cometo the at­ten­tion of Sen. Chuck Grass­ley (R-Iowa), who has ex­pressed his con­cerns in a let­ter to the FTC. In it, he noted that du­plic­i­tous third-party book­ing sites, which dress them­selves up to look like le­git­i­mate sites, get peo­ple to book.

If they get rooms — and they of­ten don’t — con­sumers who ar­rive at the ho­tels may not have the ameni­ties they re­quested or, worse, ne­ces­si­ties such as a hand­i­capped-ac­ces­si­ble fa­cil­i­ties.

And, most crit­i­cally, their pay­ment de­tails may have been ex­posed.

The FTC could not pro­vide me with in­for­ma­tion on what steps it might take to ad­dress the con­cerns Grass­ley out­lined.

But the is­sue rep­re­sents a huge threat to the con­sumer.

“In North Amer­ica, about 480 ho­tel bookings are made on­line ev­ery minute,” said Maryam Cope, vice pres­i­dent of gov­ern­men­tal af­fairs at the Amer­i­can Ho­tel & Lodg­ing Assn., whose fig­ures show that about 2.5 mil­lion bookings a year may be af­fected.

The scam in­volves many vari­a­tions on “phish­ing,” de­signed to get you to di­vulge per­sonal in­for­ma­tion. Most familiar is the email that tells you about a great deal on ho­tel rooms. All you have to do is click a link. (Don’t.)

Or you might search for “ho­tel rooms in XYZ City” and up pops a site that looks like the site of a chain you know and trust— but it isn’t that site. You’re busy so you don’t no­tice that some­thing is not quite right. (Are there ex­tra words in the URL? A le­git­i­mate site is usu­ally It­sName.com.)

Or a hot tip could come through so­cial me­dia. “It’s tak­ing ad­van­tage of trust,” said Scott Olson, vice pres­i­dent of prod­uct for Io­va­tion, a de­vice-based fraud in­tel­li­gence com­pany. (Would your friend rec­om­mend a ho­tel chain? Re­ally? Think about get­ting more in­ter­est­ing friends.)

The crooks are be­com­ing in­creas­ingly so­phis­ti­cated, tech and travel ex­perts say.

“It’s easy for some­one to ‘skin’ an­other com­pany’s web­site to cre­ate a phish­ing web­site,” said Henry Harteveldt, founder of At­mos­phere Re­search and a travel an­a­lyst. The bad guys are “ba­si­cally tak­ing the look and feel and copy­ing, in some cases with an alarm­ing amount of ac­cu­racy.” But, he added, there’s “no real con­tent, no real func­tion­al­ity.... All [the site is] do­ing is cap­tur­ing your per­sonal in­for­ma­tion.”

Th­ese phony sites are es­pe­cially hard to de­tect on mo­bile de­vices, whether smart­phone or tablet, on which the type tends to be smaller or harder to read. Thus you may not no­tice that there’s some­thing fishy about the URL, which may in­clude an­other name along with the le­git­i­mate ho­tel name.

That’s alarm­ing be­cause mo­bile rep­re­sents about a quar­ter of travel bookings, said Umar Riaz, man­ag­ing direc­tor of the hos­pi­tal­ity and travel ser­vices prac­tice at Ac­cen­ture, a man­age­ment con­sult­ing firm.

One sav­ing grace, Riaz said: You’re more apt to use a le­git­i­mate app on­mo­bile.

Even if you’re among the peo­ple who use a PC or desk­top to book travel, you may not be ac­cus­tomed to look­ing at sites closely. Here are some clues that the site is a scam:

Spell­ing, punc­tu­a­tion or gram­mat­i­cal er­rors.

Miss­ing a “lock” in the left side of the ad­dress bar. “En­sure that the web­site you are vis­it­ing sup­ports ‘https’ when book­ing ho­tels, shop­ping or en­ter­ing any type of per­sonal in­for­ma­tion,” said On­drej Kre­hel, chief tech­ni­cal of­fi­cer and founder of LIFARS, a cy­ber­se­cu­rity in­tel­li­gence firm based in New York City. You’ll know you are con­nected by https if you see a lock in the URL bar of your Web browser.

Un­fa­mil­iar­ity. You don’t rec­og­nize the site or you haven’t done busi­ness with it. About 30% of users will use a search en­gine ask­ing for “ho­tels in San Fran­cisco,” for in­stance. That can be danger­ous, Riaz said, be­cause it opens you up to a fake site. Bet­ter to go through an es­tab­lished ho­tel site such as www.mar­riott.com or use an on­line travel agency such as Ex­pe­dia or Trav­e­loc­ity, or an ag­gre­ga­tor such as Kayak or Ho­tels.com.

Too good to be true. Be es­pe­cially wary if the fab­u­lous of­fer ar­rives in your email. If you’re of­fered the Four Sea­sons Maui for $200 a night, hit delete. (I checked ran­dom dates in July for that prop­erty in Wailea and it starts at $639 a night, its for real web­site said.)

Also be afraid if the email uses an odd salu­ta­tion. (I just found an email in my spam folder that be­gins, “Good day to you.” Be­sides the fact that no one talks that way any­more, it also was pur­port­edly from Jack Lew, who wants to send me $10 mil­lion. He prob­a­bly has more im­por­tant things to do in run­ning the Trea­sury Depart­ment than to no­tify me of this in­her­i­tance.)

A but­ton that gives you a phone num­ber (or, on­mo­bile, con­nects you) to the “ho­tel.” If you de­cide to call, as­cer­tain whether it’s le­git­i­mate by ask­ing lots of ques­tions. For in­stance, how many rooms does the ho­tel have? How far is it from the air­port? What shop­ping is nearby — ask for names of re­tail­ers. What are some restau­rants not in the ho­tel?

If the per­son fal­ters, hang up. Use a le­git­i­mate tele­phone num­ber-find­ing web­site (I like WhitePages.com, which has a busi­ness cat­e­gory) and call that num­ber and ask the same ques­tions. Book­ing by phone is in­creas­ingly un­com­mon, in part be­cause you may miss le­git­i­mate spe­cials, so be sure to ask about In­ter­net rates and then get the real URL.

If all of this has made you queasy, try a travel agent. We have be­come used to do­ing it our­selves, but an agent gen­er­ally isn’t go­ing to fall for a fake web­site. And an agent may be able to get you ex­tra value— a room up­grade or a free break­fast. (That’s not too good to be true; that’s just good busi­ness.)

Fi­nally, trust your in­tu­ition. Cope, of the ho­tel as­so­ci­a­tion, said that many peo­ple who were taken in by fake sites thought some­thing was off but ig­nored that nag­ging voice in their head. Butin this case, pay at­ten­tion. The price of fail­ing to do so may be much more ex­pen­sive than a ho­tel room.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.