Booking.com’s chief information security officer (CISO) has warned about an AI-driven dramatic increase in travel scams. 

Marnie Wilking warned that scams had risen between 500 to 900 percent over the last 18 months. 

The launch of OpenAI’s ChatGPT and other services has made powerful GenAI tools accessible to everyone, leading to a significant rise in phishing attacks.

Addressing an audience at the Collision technology conference in Toronto, Wilking said: “Of course, we’ve had phishing since the dawn of email, but the uptick started shortly after ChatGPT got launched.

“The attackers are definitely using AI to launch attacks that mimic emails far better than anything that they’ve done to date,” she added.

Phishing is a form of cyberattack in which bad actors mimic trustworthy sources to obtain bank details and other sensitive information, and is often achieved through emails and internet booking links.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Booking.com is a popular target for these scams as it allows bad actors to set up fake holiday profiles for people to book. Once a user transfers funds, bad actors can disappear from the website. 

The use of AI features has allowed bad actors to create convincing images and text in multiple languages, the Booking.com CISO said. 

In February, the UK’s AI safety body found that advanced AI models could have the ability to enhance the capabilities of novices looking to carry out a cyberattack. 

Several concerns were raised in published findings from the AI Safety Institute’s (AISI) research into large language models (LLMs).

In collaboration with cybersecurity consulting firm Trial of Bits, the AISI assessed the extent to which LLMs could make it easier for a novice to carry out a cyberattack. 

The AISI found that AI could help novices with some malicious tasks. 

In one instance, the institute found that a LLM was able to create a “highly convincing social media persona” for a “simulated social network which could hypothetically be used to spread disinformation in a real-world setting.”