The dark web and other hazardous places you should avoid

Photo of author

By Christopher Elliott

Think the real world is a dangerous place for travelers? Try visiting the virtual one, a destination filled with shady travel offers and criminals who want to steal your personal information.

It’s the time of year when people start planning their summer vacations, and with everyone watching the bottom line, the temptation to save a few dollars by booking online is strong. That might include searching the underside of the internet for a bargain.

A recent survey by the British security company Comparitech should make you consider carefully where you buy. The research discovered a vibrant market for frequent-flier miles on the “dark web,” a hidden part of the internet that requires special software to access. On one site, Comparitech found that you can buy 100,000 points for as little as $884.

Nothing good happens on the dark web

“The type of sites most commonly associated with the dark web are marketplaces where illicit goods such as narcotics, firearms and stolen credit card numbers are bought and sold,” says the report’s author, Paul Bischoff. “The darkest corners are used to hire hit men, engage in human trafficking and exchange child pornography.”

Bischoff says that if an airline catches you with stolen airline miles or selling your own miles, it can wipe out your account and leave you with nothing.

“Airlines can even cancel your bookings if they’ve found you’ve broken the terms of service,” he says.

A study by Seon, a security consulting company, found any number of travel products available on the dark web. They included airline tickets, car rentals and, on one forum, tours sold at a 30 percent discount. On another forum, customers were “impressed with this seller’s ability to deliver flights bought with stolen credit cards,” the study notes. “With over 200 sales, they had only five-star reviews.”

The dark web is just one of the places travelers should avoid. Others include unsecured websites and wireless hotspots designed to collect personal information. Bottom line: Online security can be as important as physical safety for travelers.

Sodexo North America is part of a global, Fortune 500 company with a presence in 80 countries. Sodexo is a leading provider of integrated food, facilities management and other services that enhance organizational performance, contribute to local communities and improve quality of life for millions of customers in corporate, education, healthcare, senior living, sports and leisure, government and other environments daily. Learn more at Sodexoinsights.com.

You don’t have to visit the dark web to get into trouble

Jonathan Weber, a software developer from East Stroudsburg, Pa., recently found an airline ticket on a Russian carrier called Transaero through a website that specializes in airline ticket price errors. Fare errors are both risky and ethically problematic. Sometimes, airlines honor them, sometimes not. In Weber’s case, the airline went out of business during his trip.

“Luckily, Aeroflot picked up their remaining flights and got us home,” he says. “But it was a hell of a surprise at the airport.”

Even when visiting a legitimate travel site, you might not be entirely safe. Consider the data breach Marriott disclosed last year, in which hackers accessed its reservation systems over four years and exposed private information of up to 500 million customers. Experts say it’s not a question of if, but when the next data breach will happen.

How do you know if a company is taking security seriously? One way is to look for a little padlock icon next to the website address on any page where you can type in sensitive information, including credit card numbers.

That’s missing from a lot of travel sites. At least that’s the finding of Sectigo, a web security company. It recently studied major airline, hotel, travel comparison, car rental, and train websites and rated them on how effectively they were secured. It flagged the sites for Firefly, SkyWest and Ritz Carlton for triggering “not secure” warnings, and numerous others for lesser security issues.

“Many major travel brands fail to provide assurance of their sites’ security and identity,” says Tim Callan, a senior fellow at Sectigo.

Be careful accessing wireless hotspots

But the most common danger to travelers may be the network of wireless hotspots. They’re in public places such as airports, convention centers and hotels.

“Malicious actors can set up fraudulent WiFi networks and even fake mobile hotspots to collect and record traffic that connects to them, especially in top destinations,” explains Matthew Gardiner, a cybersecurity expert at Mimecast, an email and Web security provider.

A 2018 report by Coronet, a cybersecurity company, identified San Diego International, John Wayne Airport in Orange County, Calif., and Houston’s William P. Hobby Airport with the highest hacking risk.

Avoiding a public network pays off in additional peace of mind, says Chandler Givens, CEO of TrackOFF, a provider of data privacy software for consumers. “At the very least, try to stick to sites with “https” in front of the URL, and be careful what kinds of personal information you submit while surfing.”

So what are some solutions?

You can stay off public hotspots, log into a secure public hotspot, such as Boingo, or use a virtual private network (VPN), which offers an extra layer of encryption.

“To protect yourself, for example, when at airports or hotels, find out the official WiFi network of the facility from the management, and don’t connect to any others that you may find to be open,” says Gardiner, the Mimecast security expert.

Incidentally, I used to be a skeptic about the risks of unsecured wireless networks until someone hacked my son’s laptop at the airport. The likely culprit: an unsecured hotspot.

Photo of author

Christopher Elliott

Christopher Elliott is the founder of Elliott Advocacy, a 501(c)(3) nonprofit organization that empowers consumers to solve their problems and helps those who can't. He's the author of numerous books on consumer advocacy and writes three nationally syndicated columns. He also publishes the Elliott Report, a news site for consumers, and Elliott Confidential, a critically acclaimed newsletter about customer service. If you have a consumer problem you can't solve, contact him directly through his advocacy website. You can also follow him on X, Facebook, and LinkedIn, or sign up for his daily newsletter. He is based in Rio de Janeiro.

Related Posts