Scammers want to wreck your vacation travel plans

You may be ready to take off for summer, but rest assured, credit-card thieves are still hard at work.

While rates of online fraud attacks against merchants in the travel industry were down 33 percent in 2016, compared to 2015, consumers who buy online are still vulnerable to fraudsters. That's according to data from Forter, a New York-based provider of e-commerce fraud prevention and detection services.

Some 15 million bookings are linked to phony websites and call centers, resulting in $1.3 billion in transactions each year, according to the American Hotel & Lodging Association, an advocacy group that represents the hotel industry.

Hotels may try to accommodate guests to the best of their ability in these cases, but if a customer paid a deposit to a scam site, then the money is typically lost, said Katie Longo, a spokeswoman for the association.

When it comes to travel that's booked online, thieves aren't looking for a vacation to the Caribbean on your dime.

Rather, they're scraping your personal and financial data on the dark web and using it to purchase and resell flight tickets, according to Michael Reitblat, CEO of Forter.

They're also creating fake travel sites and baiting shoppers with deals that are too good to be true. Some of those sites are so well designed, they fool travelers into believing that they're on a legitimate cheap travel site.

"Not all discounted travel services are fraudulent, but a lot of them are," Reitblat said. "It's never been easier to set up a site that looks legit: Fraudsters buy a cheap domain, and it will disappear after a few weeks because it's migrated elsewhere."

Reitblat points to two top priorities for consumers: Protecting their card data from scammers and avoiding the purchase of illicit goods.

Here's how to cover those bases.

• Strengthen your credentials: If you've been using the same simple password for a range of different websites, then you've painted a target on your back. "Change your password every six months and don't use the same password for everything," said Reitblat.
  
  
• Stick with the retailers you know: A website that's touting unusually cheap flight tickets should arouse your suspicion. Stick with online travel sellers that are established, including Priceline and Expedia, said Reitblat.
  
  Ensure that the URL is correct, and look for the "HTTPS" in the prefix of the web page address and the "lock" icon in your browser when you're on the site. That's an indication that you're on a secure site.
  
  
• Check the history of the travel site you're using: Maybe you've turned up a fabulous deal on a travel site. Ensure that you're not buying from a fly-by-night retailer by checking up on the website's history and traffic.
  
  "If the site was just created last month and doesn't have a lot of traffic, then it's suspicious," said Reitblat. SimilarWeb and Alexa both provide these details on websites.