CHARLOTTE, NC – Cyber security experts issuing a warning ahead of the holiday travel season. Fake TSA websites that are extremely detailed, scamming people for hundreds of dollars.
“One of the things we know about cyber criminals is that they’re constantly evolving their tactics. Trying new things to see what sticks,” explained Crane Hassold.
He is the Director of Threat Intelligence at Abnormal Security. He says they’re seeing a new email scam that pretends to be a TSA Renewal notice.
It walks people through a seemingly legitimate process and ends with a request for more than $140 dollars paid via Paypal.
“The email itself looked pretty legitimate. All those spelling and grammatical errors that you would normally look for in a phishing email, they weren’t really there,” said Hassold.
Hassold says this new scam is incredibly detailed. Instead of a rudimentary web page, it’s an entire website with legitimate information, which can be deceiving to the recipient.
“The number of red flags that actually stood out here were actually pretty minimal. Which probably makes it a lot more difficult to detect and in my opinion probably has a pretty high success rate,” explained Hassold.
He says the attacks ramp up during the holidays when people are busy, distracted, and likely booking travel.
To avoid falling victim, Hassold says to check the website origin, for example an email from TSA should have a “.gov” rather than “.com” address. He also says a singular payment option should also be a red flag.