A cyber threat group is now using artificial intelligence (AI) to target hotels to gain access to guests’ payment information, global cybersecurity firm Kaspersky has warned.
- •The threat group, known as RevengeHotels, has been operating since 2015.
- •It has since upgraded its methods, Kaspersky’s Global Research and Analysis Team says, to make their attacks more effective and reach additional regions.
- •While it has mostly focused on Brazil, the prominence of tourist destinations in South Africa, Kenya and Nigeria means “it is important to consider that no country or hotel is immune to falling victim.”
“Сybercriminals are increasingly using AI to create new tools and make their attacks more effective. This means that even familiar schemes, like phishing emails, are becoming harder to spot for a common user. For hotel guests, this translates into higher risks of card and personal data theft, even when you trust well-known hotels,” Lisandro Ubiedo, an expert at Kaspersky’s Global Research and Analysis Team says.
The threat actor sends phishing emails directly to hotel staff, often disguised as requests for reservation or job applications. Once a hotel employee interacts with the emails, malware called VenomRAT is installed on the hotel’s systems, giving attackers access to guests’ payment data and other sensitive information. The emails often look convincing, coming from legitimate-looking websites.
Among Kaspersky’s recommendations include exercising caution when opening unexpected files, and fine tuning antics-spam settings to ward off customised phishing emails.