By David DeMoss
Unfortunately, computer data breaches, hacks, and scams against the hospitality industry have been an issue for quite some time. According to a 2018 survey, hotel booking scams resulted in almost $5.2 billion in fraudulent transactions in 2017, conning nearly 23% of all consumers. To combat these online booking scams, a bipartisan bill called The Stopping Online Booking Scams Act has been reintroduced to Congress. The bill requires that unaffiliated third-party booking websites must disclose that they are not affiliated with the hotel in any way before charging customers. In addition, the Federal Trade Commission (FTC) and state attorney generals will now have the authority to take action against scammers who can’t prove their legal affiliation with hotels. While these booking scams can be difficult to detect, this new bill will hopefully decrease the duplicitous activity and provide the authorities some ability to fight back. More details from Bambi Majumdar, below.
For years, hoteliers have lobbied Congress to act against growing online scams that lead to fake confirmations of reservations, unnecessary fees, customer harassment, and deal a significant blow to hotel brands. It seems that their calls are finally being heeded.
A bipartisan bill, the Stopping Online Booking Scams Act, has been reintroduced in both chambers of Congress to combat online hotel booking scams. If passed, hotel scams would become punishable by law, and scammers would find it harder to get away with their schemes.
The bill mandates that, before charging customers any fees, unaffiliated third-party booking websites will have to disclose that they are not affiliated with the hotel so that they can’t fool customers into paying for hotel services.
The Federal Trade Commission (FTC) and state attorneys general will now have the power to take action against scammers who are unable to prove their legal affiliation with the hotels. Third-party online reservation sites must be upfront with customers and adequately disclose whether or not they are directly affiliated with the hotels.
Online skimming has dealt several blows to hospitality e-commerce sites. To combat this practice, the PCI Security Standards Council (PCI SSC) has now joined hands with the Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC) to highlight the threats.
We increasingly hear of data breaches and hacks against the hospitality and retail industries. Some examples of these attacks to third-party applications and services include live chat functions, advertising scripts, and customer rating features.
They infect e-commerce websites with malicious code that is almost undetectable. They “skim” payment card information during a transaction, and the merchant or consumer only comes to find out after the payment information has been compromised.
Third-party sites have come in handy for hotels and consumers, easing the process of online booking and showing comparable prices. But as we have seen, they are prone to attack. More than that, fake third-party sites that appear legitimate but may take your money are alarmingly growing in number.
According to a 2018 survey, hotel booking scams resulted in nearly $5.2 billion in fraudulent transactions in 2017 alone, duping close to 23% of all consumers. When someone books a room, they immediately get a confirmation. But when they arrive at the hotel, they realize they have been scammed, and the fake site now has their personal information and credit card number.
The other common scam is to call guests in the middle of the night, impersonating as front desk personnel. They claim that the guest’s credit card information has been lost and needs to be replaced immediately. Groggy and sleepy, guests may hand over important information over the phone and thus risk losing their identity and money.
The bipartisan bill is good news, indeed, but that is not enough. Hoteliers and customers have to extra vigilant when using third-party booking sites.