In the middle of the countdown for summer trips, a new research by ProofPoint warns about a critical vulnerability in the online tourism sector in Spain. The study reveals that 35% of the country’s main travel portals do not use the strictest protection measures against email fraud, exposing millions of tourists to possible scams in one of the moments of greatest volume of reserves of the year.

The investigation has focused on analyzing the adoption of the DMARC protocol (Domain-Based Message Authentication, Reporting and Conformance), a tool designed to authenticate the emails and stop the attempts to supplant identity. Although 100% of the websites analyzed in Spain have implemented a basic configuration of this system – a figure that places the country ahead of the majority of its European and the Middle East -, only 65% ​​have opted for the safest level of protection: the “rejection” policy.

“Travel reserves usually represent a significant number of high -value financial transactions and entail experiences of great personal and emotional value. This combination makes travelers to main objectives for cybercriminals,” says Matt Cooke, proofpoint cybersecurity strategist. “The attackers actively use sophisticated fraud by email, especially during the high holiday season.”

The ProofPoint study alert to the growing risk of cyber attacks in full holiday season and calls to reinforce protocols such as DMARC

Travel websites

The study highlights that fraudulent emails usually take the form of false confirmations, irresistible promotions or urgent requests for payment. Despite their convincing appearance, these communications may end up costing offsessing users, both in economic terms and privacy.

Cooke also underlines the responsibility of companies in the sector: “They have the social obligation to prevent their domains from using attacks. Applying a rejection policy with DMARC not only protects their clients, but also their own reputation.”

With the Spaniards making an average of 4.4 trips a year, the increase in activity on online platforms is an ideal breeding ground for cybercriminals. Hence the importance of redoubled cybersecurity efforts in an environment where, according to the study, only 46% of the tourist portals of Europe and the Malicious emails actively blocks.

Security tips

To strengthen consumers protection, ProofPoint recommends adopting safe digital habits such as the use of unique passwords, activating multifactor authentication, distrusting unpaid offers, avoiding clicking on doubtful links and always verifying the legitimacy of reserve sites. He also advises to investigate opinions before facilitating payment data or downloading applications related to tourist services.

Alex Chen
Alex Chen

Alex Chen serves as the chief editor of Asia Tech Journal, bringing over a decade of experience in technology journalism. Previously writing for several globally renowned publications, Alex is celebrated for his insightful analyses and in-depth reporting on tech trends across Asia. Passionate about innovation, Alex specializes in the dynamic technology ecosystem of China and its global impacts.