Dec 14, 2025
Four years ago, Joel Kramer thought he'd secured the perfect Rhode Island beach house for his family vacation. When the property manager from "Golden Vacation" sent him a Vrbo listing, he paid half the $4,000 rental fee up front.
But the day before they were supposed to check in, reality hit.
Advertisement
"I emailed, no response. I emailed again, no response. We called and got a Verizon response saying this number is no longer active," Kramer told The Washington Post (1).
The Kramers had been scammed — and they're far from alone. The Federal Trade Commission (FTC) received nearly 10,000 fraud reports in Q2 2025 and thieves took $40 million — $5 million more than the prior year.
As the holiday travel season approaches, cybercriminals are deploying increasingly sophisticated tactics that even savvy travelers might miss. Here are some common scams to watch for.
Scam #1: Phony rental listing
This remains one of the most common travel scams. Thieves steal real online rental profiles — complete with professional photos and glowing descriptions — and present them as their own. And sometimes, properties are completely made up.
There are several red flags to note:
- Property listed on multiple sites with no guest review history
- Listing contains incorrect grammar, spelling and/or low-resolution or stock photos
- Requests to communicate and pay outside the platform
- Property owner claims to live overseas (as in Kramer's case, where "Mark Meyer," posing as the property agent, said the owner lived in Ireland)
- Pressure to act quickly and/or pay through services with weak consumer protection, like XOOM, Venmo, Zelle or wire transfer, instead of by credit card
Must Read
- Dave Ramsey warns nearly 50% of Americans are making 1 big Social Security mistake — here’s what it is and the simple steps to fix it ASAP
- Robert Kiyosaki begs investors not to miss this ‘explosion’ — says this 1 asset will surge 400% in a year
- Vanguard reveals what could be coming for U.S. stocks, and it’s raising alarm bells for retirees. Here’s why and how to protect yourself
Join 250,000+ readers and get Moneywise’s best stories and exclusive interviews first — clear insights curated and delivered weekly. Subscribe now.
Scam #2: Fake travel website
Here, scammers create near-perfect copies of popular travel booking sites, including layout, look and feel. The difference might be as subtle as a small change to the URL.
When you "book" something on a fake travel site, you're actually providing your credit card information directly to cybercriminals who may use it while you're still on that site (without actually booking anything for you).
Keep your eyes peeled for slight variations in familiar web addresses (extra words, hyphens, misspellings), deals that seem significantly better than official sites and a lack of secure payment indicators, such as “https,” or the padlock icon.
Scam #3: Social media-informed hotel hoax
Posting vacation photos on social media might seem harmless, but scammers are mining these posts for targeting information.
Advertisement
AI technology is even helping them pinpoint where travelers are staying based solely on visual cues in photos, like background architecture, pool designs and restaurant interiors — without needing geotags or explicit location data.
Once they've identified your hotel, fraudsters send messages crafted to look like they're from the property's management team. These typically claim there's a billing issue — perhaps a credit card authorization failed or an incidental charge needs processing.
The message creates urgency around resolving the "problem." While the email or text might include legitimate-looking links to the actual hotel website, the phone number provided connects directly to the scammers who are waiting to extract your payment details over the phone.
Look out for surprise billing notifications while you're mid-stay, demands for immediate payment via phone call and payment requests through unconventional channels like wire transfer, gift cards or payment apps.
Read More: Dave Ramsey says this 7-step plan ‘works every single time’ to kill debt, get rich in America — and that ‘anyone’ can do it
Scam #4: Urgent message
Scammers send "urgent" text messages to appeal to people's emotions, with the goal of creating fear and immediate action.
For example, one might say your reservation needs immediate confirmation. A message like that creates panic and demands instant action. In a frenzy, you might call the fake number or click on a corrupt link, inadvertently disclosing your credit card and personal information.
Be sure to watch for:
Advertisement
- Unsolicited texts from companies you don't recall signing up with
- A frantic, urgent tone demanding immediate action
- Links or phone numbers you haven't verified
- Threats of legal action or lost benefits
Scam #5: False CAPTCHA
Even routine website interactions have become dangerous territory. In fake CAPTCHA scams (3), travelers think they're proving they're not a bot, but instead they're actually installing malware on their computers.
The scam involves "verification steps" requiring keystroke commands like pressing Windows key + R, CTRL + V and then enter. These commands allow cybercriminals to install malware and steal personal information, including passwords and social security numbers.
Watch for verification requirements outside of normal login or account creation processes, any request to perform keystroke commands for a CAPTCHA test and requests unrelated to completing a financial transaction.
The coming wave: deepfakes and voice cloning
The above scams are bad enough, but travelers should brace for an even more disturbing trend.
Deepfake-related incidents surged to 580 in the first half of 2025 alone — nearly four times as many as in all of 2024. And losses from deepfake fraud have skyrocketed to $897 million cumulatively, with $410 million lost in just the first half of 2025. (4)
Imagine receiving a call that sounds exactly like your airline's customer service or a hotel manager. All it takes is just 15 to 30 seconds of someone's voice for certain AI tools to create convincing voice clones. (5) In one notorious case, scammers used AI to clone a CEO's voice and successfully authorized a $243,000 bank transfer. (6)
Advertisement
The key thing to protect yourself here is to be alert and thorough. Stay skeptical and treat travel deals like any other financial transaction. That means taking time to slow down and verify everything and, above all, don't give in to emotional urgency.
How to protect your finances before you travel
There are things you can do to protect yourself from fraud before taking that trip. For starters, use credit cards or visa debit cards — not e-transfers or wires — so that if your card gets compromised, your cash isn't directly at risk. Credit cards offer fraud protection and dispute rights.
Enable purchase alerts by setting up real-time notifications for all card transactions. That way, you'll immediately know if unauthorized charges occur. To reduce risk, check with your card issuer about setting temporary lower spending limits or location-based controls while you travel.
Avoid prepaying your accommodation reservations in full (unless it's a verified, refundable booking through a reputable platform). And be sure to keep digital copies of your itinerary, receipts, and booking communications, just in case disputes arise.
How to recover if you get scammed
If you do fall victim to a scam, don't wait. Act immediately by contacting your card issuer or bank the moment you suspect fraud. The faster you report it, the better your chances are of freezing transactions and recovering funds.
File reports with the FTC at ReportFraud.ftc.gov and the FBI's Internet Crime Complaint Center at IC3.gov. This is crucial, as official documentation can help recover funds or flag large-scale scam operations.
If you booked through Airbnb, Vrbo, Expedia, or a similar platform, report the fraud to them immediately. Many offer purchase protection and may issue refunds if you booked through their official sites and followed their payment guidelines.
Finally, be sure to gather all communications, screenshots, and transaction records, so it's ready to share if needed. This documentation will be crucial for disputes and investigations.
Article sources
We rely only on vetted sources and credible third-party reporting. For details, see our editorial ethics and guidelines.
The Washington Post (1); Federal Trade Commission (FTC) (2); The Ohio State University (3); SurfShark (4); Fortune (5); The Wall Street Journal (6).
You May Also Like
- Turning 50 with $0 saved for retirement? Most people don’t realize they’re actually just entering their prime earning decade. Here are 6 ways to catch up fast
- This 20-year-old lotto winner refused $1M in cash and chose $1,000/week for life. Now she’s getting slammed for it. Which option would you pick?
- Warren Buffett used these 8 repeatable money rules to turn $9,800 into a $150B fortune. Start using them today to get rich (and stay rich)
- Here are 5 easy ways to own multiple properties like Bezos and Beyoncé. You can start with $10 (and no, you don’t have to manage a single thing)
With a writing and editing career spanning over 13 years, Emma creates and refines content across a broad spectrum of industries, including personal finance, lifestyle, travel, health & wellness, real estate, beauty & fitness and B2B/SaaS/tech. Her versatility comes through contributions to high-profile clients like Moneywise, Healthline, Narcity and Bob Vila, producing content that informs and engages, along with helping book authors tell their stories.
