Online hotel scams are getting increased scrutiny from politicians and the FTC. (Photo: Thinkstock)
By Robert McGarvey
Stop right there. Do not click “book it,” no matter how tasty the hotel deal appears to be.
First, understand that there are enough scammers out there erecting bogus hotel websites – designed to snag your credit-card and personal info such as zip code – that the entire Florida Congressional delegation recently sent a letter to the Federal Trade Commission demanding that the FTC investigate scams that, said the politicians, ensnare thousands of consumers every year.
Last month, U.S. Senator Chuck Grassley (R-Iowa) fired the first warning shots when he wrote the FTC with complaints that as bogus websites proliferate, “consumers subsequently discovered that they had provided their payment information to companies unauthorized by, and unaffiliated with, legitimate hotel chains or travel services.“
“It appears,” Grassley continued, “that many of these third-party companies may be using marketing or other strategies – such as websites with a hotel’s trademarks and imagery – designed to lead consumers to trust that they are booking directly with their hotel of choice.”
Grassley is claiming that, suddenly, there are lots of websites – typically hijacking the legit images, trademarks, sometimes text found on the authentic websites – and this is happening precisely to rip you off.
Now the FTC has, in effect, said there are strong reasons to worry about this. In a pair of recent posts, the agency warned both leisure and business travelers to be on the alert for scammers. Wrote the FTC: "Here’s a tip for business travelers. Just because a webpage looks like the official site of your favorite hotel chain doesn’t necessarily mean it is. Before you reserve a room for your next out-of-town meeting or family vacation, make sure you know who’s at the other end of that BOOK NOW button."
More from TheStreet: Top 10 Travel Destinations for Summer 2015
If you see a place like this on sale for $99 per night, be very suspicious. (Photo: Thinkstock)
Maryam Cope, vice president of the American Hotel & Lodging Association in Washington, D.C., has estimated that as many as 2.5 million bookings a year may be via bogus websites. Not all are designed to rip consumers off outright.
Experts said that some are websites designed to leach commissions and booking fees from hotels, simply by pretending to actually be the hotel. Hoteliers have put up a cry about these con artists – insisting that often the sites promise deals and amenities that won’t be delivered and, sometimes, the bookings do not actually get made and vacationers show up at hotels where they believe they have reservations only to be turned away. None of that is good – it’s a definite bummer for those who are turned away – but what is new is the insistence that suddenly there is an explosion of downright crooked websites that have no interest in booking rooms or collecting commissions. They just want your credit card data.
The Better Business Bureau, in a recent alert, also sounded a loud warning: “Scammers are creating fake hotel booking websites to steal money from travelers. Some scam sites make money by tacking on additional fees, but others charge you for a room that simply doesn’t exist. In any case, sharing your credit card and personal information, such as name, address and phone number, on scam websites puts you at risk for identity theft.”
What’s fueling this uptick? Simple: there’s been an enormous jump in the percentage of hotel rooms that are booked on mobile phones, and it simply is not easy to detect a crooked website at a glance on a small screen, said Craig Lurey, CTO at Keeper Security.
Experts estimate that today about 25% of travel bookings are via mobile and the number grows daily. But don’t think only hotels are targeted.
Said identity theft expert Robert Siciliano: “There are scam/spoofed sites for probably every product and service that exists, and there always will be.” That’s a fact: hotel scam sites may not be significantly more numerous than other crooked websites, but there also is a big temptation to click when you get an email that purports to offer a five-star Hawaii hotel for a jaw dropping $99 per night – the real price probably is upwards of $500. Do you click, or ignore it?
Key advice from experts: if in doubt, just don’t click. Ever.
And don’t assume that a call to a phone number provided on a bogus website will bring anything but grief. That’s because there are more examples where crooks are operating shadow call centers, again designed to separate credit card info from the gullible.
Related: 5 Hotel Scams That Could Ruin Your Next Vacation
More advice from Lurey, especially for those who would struggle with the temptation, is to use only Safari or Chrome browsers on iPhones, and only Chrome on Android. That’s because those leading browsers are continually updated, said Lurey, and they also feature built-in scam-detection tools that are designed to protect mobile users from phishing scams. Lurey stressed that those protections are not perfect, but they are a lot better than nothing, which is what many mobile browsers offer.
Advice from some experts is to not book hotel rooms at hotel websites on a mobile device. Instead, use a mobile app provided by an online travel agency such as Expedia or Hotels.com or a large hotel company such as Marriott or Starwood. That just is more secure.
Bottom line: know that crooks are on the prowl for bargain-hungry vacationers this summer – and always be suspicious. That’s the real path to lasting Internet security.
More from TheStreet: