PETALING JAYA (ANN/THE STAR) – Industry experts are calling for stronger regulations and protections in response to the growing threat of AI-powered scams targeting hoteliers and travellers.
Dr Sri Ganesh Michiel, president of the Malaysia Budget & Business Hotel Association, emphasised that although such incidents are relatively rare in Malaysia due to close collaboration between hoteliers and online travel agencies (OTAs), they remain a significant concern.
Dr Michiel underscored the necessity for government intervention to regulate OTAs, including international operators like Airbnb.
He pointed out the need for clear procedures in collecting personal information for both domestic and international travel bookings to prevent fake reservations, fraudulent accommodations, and phishing schemes facilitated by malicious APK downloads and external links.
“For instance, individuals should not be allowed to register or make bookings using false names without verifying their identity,” he stated.
Regulation is essential to prevent data misuse and ensure customer safety. Companies like Booking.com are already implementing stringent measures such as policies on external links and two-step identification to enhance security.
“There is a need for laws and regulations to control online platforms and consumer behaviour,” he said.
A report by the chief information security officer of a leading online travel website, Booking.com has noted a sharp rise in global phishing attacks targeting the hospitality sector.
Using AI, it said scammers create realistic emails to trick people into divulging sensitive data like credit cards or personal information.
“For Booking.com to raise the alarm, it means it’s a dangerous trend, as AI can learn and get smarter.
“The platform’s warning underscores the evolving capabilities of AI and the diverse methods perpetrators can exploit to deceive and compromise individuals making travel bookings,” Sri Ganesh said in an interview yesterday.
He noted that except for some individual operators, hoteliers in Malaysia have been working closely with travel platforms like Booking.com and Traveloka and it has helped to address issues effectively.
“The coordination and sharing of information among industry stakeholders have improved to prevent and mitigate scams.
“We are always taught the latest trends and tactics and how to spot possibly fraudulent emails before clicking on any link.”
Malaysian Association of Hotels president Datin Christina Toh said that smaller players may be more vulnerable to scams as large international chains have the tech and cybersecurity support systems in place to handle these challenges.
“Nonetheless, these companies usually have mechanisms to detect and prevent such incidents, including working with their system providers.
“Hotels usually work collaboratively with platforms like Booking.com to identify and address such issues.
“That’s why frequent training and education of hotel staff on the telltale signs of scams is a regular practice to strengthen defences,” she said.
Toh noted that the rapid response capabilities of OTAs are vital in managing these problems, making close cooperation between OTAs and hoteliers essential for maintaining online security and trust in the industry.
Such support is crucial to helping these smaller entities manage and potentially circumvent cyber threats effectively,” she said.
Malaysian Tourism Federation president Datuk Tan Kok Liang recommended proactive steps for travel operators to protect against AI-enabled phishing scams such as providing employee education and training.
“Customers should also be informed about potential scams and taught how to verify the authenticity of communications from the business,” he added. Tan said that establishing secure communication channels is also critical to safeguarding business interactions, and installing robust cybersecurity tools would also help protect against digital threats.
“Finally, conducting regular security audits will help identify and address vulnerabilities, enhancing safety and confidence in online transactions,” he said.
