- Dark Web Travel Agencies: Discover how stolen hospitality data fuels fraudulent bookings and impacts customers.
- From Breach to Booking Abuse: Learn the lifecycle of stolen hotel data and its exploitation on the dark web.
Trustwave SpiderLabs’ just released Deep Dive: How Threat Actors Turn Vulnerabilities into Big Business offers an amazing look at how threat actors use information from hospitality victims to conduct a myriad of fraudulent activities.
This report, which is a companion piece to Trustwave SpiderLabs’ 2025 Trustwave Risk Radar Report: Hospitality Sector, shows that for many organizations, the initial incident may be just the first step in a long string of fraudulent activity that uses the stolen data to impact the organizations and often their customers.
Hospitality organizations, from hotels to casinos to restaurants, retain a great deal of highly prized customer information that can not only be directly sold to other threat actors, but to book travel plans through what are essentially dark web “travel agencies”.
A Quick Glimpse: Traveling Via the Dark Web
SpiderLabs describes and offers detailed examples of how credit cards and identification information are stolen, and other pieces of data are used to defraud online booking sites. This is done by offering travel at well below market costs.
Essentially, the threat actor community has worked together to develop and continuously update systems to use stolen information to book travel on legitimate sites.
When successful, this activity not only costs the hotel or airline money, but it can also directly impact the consumer whose card was taken, and finally, the travel site, which has its reputation damaged.
Without aggressive fraud detection, closer vetting of partners, and cross-platform intelligence sharing, the hospitality industry remains vulnerable to a coordinated wave of booking abuse.
The report contains all the fine details on how threat actors gain access, maintain persistence, exfiltrate data, and then use it for financial gain.
Please download all three Trustwave SpiderLabs hospitality industry reports:
