AI Sparks New Cybersecurity Challenges for Travel Brands
The travel and hospitality sector has long been a prime target for cybercriminals, but the rise of artificial intelligence is escalating both the frequency and sophistication of attacks. Speaking at Phocuswright Europe in Barcelona, Marnie Wilking, chief security officer at Booking.com, warned that while AI offers powerful tools for innovation, it’s also accelerating threats in a sector built on trust and human connection.
“The hospitality industry exists to serve people, which makes it more vulnerable to deception,” Wilking said. Scammers often impersonate customers asking for help or pose as travel partners requesting payments—tricks that can easily lure staff into inadvertently giving access or downloading malware. The social nature of the industry, she added, makes staff more inclined to assist, sometimes without verifying legitimacy.
One of the most common—and rapidly evolving—forms of attack is phishing. Although phishing has existed since the early days of email, Wilking noted a dramatic spike in such incidents since the launch of ChatGPT and other generative AI tools. These platforms have enabled attackers to craft convincing phishing emails in multiple languages with fewer spelling or grammatical errors, increasing their success rate. Some reports suggest phishing incidents have surged by as much as 1,000% since late 2022.
Credential stuffing is another growing threat. This tactic involves hackers using email and password combinations—often sourced from prior data breaches and sold on the dark web—to try and log into accounts across multiple platforms. Because many users still reuse passwords, attackers can automate login attempts across retail and travel sites like Amazon, Netflix, or Wayfair, gaining access to sensitive data and accounts.
Wilking also highlighted the rising concern around nation-state cyberattacks. These highly coordinated efforts are no longer limited to espionage; they now involve infiltrating smaller companies to gain access to larger targets through supply chain vulnerabilities.
Despite these evolving threats, AI is also becoming a tool for defense. Travel brands are leveraging AI to detect anomalies in login behavior, analyze user patterns, and flag potentially malicious activity in real time. However, Wilking stressed that prevention and education remain critical. Companies must not only implement strong detection systems but also train staff to recognize suspicious behavior and adopt secure digital habits.
As cybersecurity risks multiply, the conversation emphasized that trust must be preserved through vigilance, transparency, and layered defense strategies. With travel brands serving as custodians of massive volumes of personal and financial data, the stakes for getting it right are higher than ever.
Related news: https://airguide.info/category/air-travel-business/artificial-intelligence/, https://airguide.info/category/air-travel-business/travel-business/