How Scammers Are Using AI to Trick Travelers
If you’re planning a trip in the spring or summer, it might be worth taking your time and carefully considering the process. Fraudsters are making a killing off travelers: the Federal Trade Commission recorded over 58,000 reports of travel, vacation, and timeshare plan scams in 2024, with losses totaling $274 million. And artificial intelligence is helping them escape prosecution.
How scammers target travelers
Some of the most common travel scams involve impersonating other people, brands, and advertisers. For example, scammers post fake vacation rental listings and collect payments (sometimes by pressuring you to use bank transfers or currency exchange apps), leaving you homeless or in accommodations far worse than what you booked and paid for. At the end of your trip, the unscrupulous host may attempt to make fraudulent damage claims and force you to pay hundreds or thousands of dollars for something you didn’t do.
Fraudsters also impersonate travel agents and booking platforms, allowing them to collect sensitive personal information and money before you even realize it’s a scam. Booking.com is a common target for these scams. Several campaigns have used a fake version of the site to distribute malware —another, known as “I Paid Twice,” targeted both Booking.com and Expedia.
Other types of travel scams include fake flight cancellation notices (which direct you to rebook on a phishing site), fake customer service phone numbers advertised in both sponsored ads and legitimate business listings, and deals that seem too good to be true.
Artificial intelligence is facilitating fraud in the tourism sector.
These days, even savvy consumers can fall victim to these kinds of travel scams. As travel expert and consumer advocate Christopher Elliott writes in The Seattle Times , artificial intelligence has made traditional scam indicators virtually obsolete. We can no longer rely on obvious grammatical and spelling errors to distinguish truth from lies, as tools like ChatGPT and Gemini can reproduce human speech almost flawlessly and generate authentic-looking content—such as photos, rental listings, and entire websites—almost instantly.
According to McAfee , one of the most common ways AI has changed the travel fraud landscape is voice cloning. Fraudsters can create deepfake calls using just a few seconds of voice samples taken from promotional materials or customer service recordings. You might not be able to tell the difference between a fake airline representative, hotel employee, or travel agent and the real deal, and scammers exploit this to obtain everything from passport details to credit card numbers.
Artificial intelligence also makes phishing attacks much more difficult to detect, as scammers can craft booking confirmations and other messages using authentic brands and perfectly crafted text. Fake booking sites (as described above), rental listings, and tour pages are virtually indistinguishable from the real deal thanks to AI-generated photos, videos, and reviews.
How to spot travel scams using artificial intelligence
Fortunately, AI hasn’t eliminated all the signs of fraud. Urgency should always raise red flags, as scammers rely on victims to respond to demands without thinking. If you’re pressured to provide information, pay money, or book something before the offer expires, it could be a scam. Take your time and verify the information before taking any action.
If you’re asked to send money in cryptocurrency, via bank transfer, gift cards, or through apps like Venmo and Zelle, it’s almost certainly a scam. Always book travel through trusted platforms, using credit cards that have fraud protection and can’t be traced or disputed.
If a customer service representative contacts you about your trip, ask them to confirm your booking details before providing any additional information. If they can’t confirm details like your booking number or card details, they likely aren’t an official representative of the company. If you’re unsure, hang up and call the hotel, airline, or travel agency using the contact information you obtained from an official source.
Finally, carefully check travel websites for hidden signs of fraud. Beware of URL tricks, such as homograph attacks and typosquatting , which are used to spread malware. Legitimate companies will also post contact information and privacy policies on their websites. Avoid accessing websites through search results, unsolicited emails, and social media messages – instead, go directly through trusted channels or enter the correct URL into the address bar.