Travel Tuesday, the day after Cyber Monday that promises enticing discounts on flights and hotels, has cemented itself as a marquee event for globetrotters and deal-hunters. But while travelers eagerly click “book,” another set of fingers hovers over keyboards in a far darker corner of the internet: cybercriminals. This year, Travel Tuesday became a battlefield not only for discounted deals but also for the escalating war on bot-driven cyberattacks.
Cyberfraud protection company DataDome revealed startling insights into the scale and sophistication of attacks targeting the travel industry during peak booking periods. Their Advanced Threat Research team’s findings paint a sobering picture of how cybercriminals exploit the vulnerabilities of travel platforms to wreak havoc.
The Top Cyber Threats
Travel platforms are lucrative targets for cyberattacks due to their high traffic and wealth of sensitive data, including payment information and customer accounts. DataDome’s analysis uncovered the following primary threats:
Data Scraping (Over 3.7 Billion Attempts Blocked)Competitors—and sometimes malicious actors—use bots to scrape pricing data in real time, undercutting deals or manipulating market rates. The high volume of these scraping attempts clogs travel companies’ servers, delaying or even disrupting services for legitimate users.
Credential Stuffing (Over 73 Million Attempts Blocked)Stolen credentials are the cornerstone of this attack. Cybercriminals attempt to access user accounts, siphoning off loyalty points, personal data, and even booking unauthorized trips to resell on the dark web. Victims often face fraudulent charges and other financial headaches in the aftermath.
DDoS Attacks (Over 73 Million Attempts Blocked)Distributed Denial-of-Service (DDoS) attacks flood travel websites with overwhelming traffic to slow down or crash systems entirely. These attacks, frequently aimed at sabotaging competitors, can lead to significant revenue losses for businesses and a nightmarish experience for users.
Where the Threats Are Coming From
Behind the scenes, these attacks are powered by an evolving ecosystem of IP proxy services that disguise malicious bot traffic as legitimate users. DataDome’s research broke down the origins of these attacks:
Residential IPs (60-70%): Hackers favor residential proxies for their uncanny resemblance to human users, making them harder to detect and block. These proxies, offered by numerous online services, have become the go-to choice despite their higher cost.
Data Center IPs (20-25%): While fast and readily available, these proxies are more likely to raise red flags because of their rare use by actual humans. They are often blocked quickly by sophisticated defenses.
Mobile IPs (10-15%): Mobile proxies leverage connections from major ISPs, blending in seamlessly with legitimate traffic and making detection an ongoing challenge.
Cybercriminals Target the Travel Goldmine
The travel industry’s reliance on complex, interconnected platforms creates a fertile environment for cybercriminals to thrive. With millions of users logging on during events like Travel Tuesday, platforms are under immense pressure to deliver seamless service while protecting sensitive data. Yet, the findings from DataDome reveal just how thin that line is between a successful sale and a catastrophic breach.
Fighting Back
Cybersecurity companies like DataDome are deploying advanced AI-driven solutions to stay one step ahead of these threats. Their ability to identify and neutralize bot activity at scale—blocking billions of malicious attempts annually—is critical for safeguarding travel platforms.
Still, the rise in bot sophistication underscores a harsh reality: As long as there’s profit to be made, hackers will innovate. Consumers, too, have a role to play, from using strong, unique passwords to enabling two-factor authentication for their accounts.
The battle for Travel Tuesday’s deals is far from over—but so is the battle to keep the internet safe.
For more insights into this research or to explore solutions, DataDome’s experts remain at the forefront of this ongoing fight.