Recent media coverage highlighting the risks of booking holiday accommodation online has prompted us all to consider how we can better protect our businesses and our clients from hackers and malicious software.
Reports have detailed typical scenarios which see a holiday maker enquire or book (but not pay for) a cottage online via a genuine website. There then follows a series of emails between the holiday maker and owner about the booking, culminating in a request for payment, most often via a bank transfer.
Nothing strange there as far as the holiday maker is concerned. However, in these few unfortunate cases, the ‘owner’ has in fact been impersonated by a hacker, who has managed to intercept the owner’s emails and then liaise directly with the holiday maker themselves. They send a couple of well written emails about the property before fraudulently taking payment from the holiday maker.
So how can this happen? Very often, the property owner themselves has been the subject of a sophisticated ‘phishing’ scam. They may have been sent a genuine looking but bogus email, apparently from their advertising provider, asking them to log in or ‘reconfirm’ their password.
And by clicking on the hyperlink in the email, the owner is taken to a bogus login page and unwittingly divulges passwords and other security information. This then gives hackers access to their account and enables them to approach holiday makers directly.
So what can be done to prevent this from happening?
10 steps to better protect yourself & your business
1. Be suspicious of emails asking you to log in to confirm your password
An everyday headache for online banking, these scam emails are becoming more and more sophisticated and it pays to double check they are genuine before entering your details.
Avoid clicking on a hyperlink in an email and instead, try your login details directly on the site you’re registered with first. And if you’re in any doubt, telephone the provider themselves.
2. Are you on the right site?
If you have any suspicions about the website you’re looking at, double check that the website address (URL), listed in the address bar towards the top of the page, matches the name of the website on the web pages themselves.
3. Check if your details are listed on another site
Websites like Copyscape allow you to search to see if content from your site is being listed on another site. Similarly, Tineye allows you to see whether photos e.g. of your rental properties are being used on another site.
If you find this to be the case and you have not given permission for this, you can request that your content is removed or report any suspected fraud to action fraud.
4. Keep your software updated
Be sure to keep firewalls, anti-virus programmes and spyware all completely up to date.
5. Use a secure online booking system
Not only will you be able to offer users real time availability and pricing, a secure online booking system will mean you can also take secure payments online thus significantly reducing the likelihood of the kind of fraud mentioned above.
More savvy holiday makers may wish to pay with a credit card since it offers them greater protection in the event of fraud.
A secure system such as SuperControl will use leading edge encryption and password protection. And, since they process, store or transmit credit card information, they will be required to maintain a secure environment and comply with strict Payment Card Industry Data Security Standards (PCI DSS).
6. Create a strong password
A strong password will contain at least 8 characters and comprise a mixture of uppercase and lowercase letters as well as numbers and other symbols found on your keyboard.
Avoid using any part of your company name, user name or real name. Similarly, avoid using complete words.
7. Don’t use the same password twice
Use a different password for each online account you have to significantly minimise the risk of fraud.
8. Change your password on a regular basis
Ideally, this should be done every 90 days or less.
9. Keep your password safe
If you need to write it down to remember it, keep it somewhere safe and don’t label it as your password.
10. Use trusted Wi-Fi hotspots
When you are out and about and away from your home computer, only log on to secure Wi-Fi networks that you trust.
This article was written by Paula Ross, Managing Director of www.HolidayCottageCompare.com. We make finding your perfect holiday cottage simpler and faster.