Heightened Risk during Festive Season

The annual Lebaran homecoming (Mudik), a period of intense travel adn family reunions, regrettably also presents a prime opportunity for cybercriminals. As digital transactions surge and online vigilance perhaps wanes, individuals become more susceptible to cyber crime, especially phishing attacks.

Recent data indicates a important uptick in phishing incidents during Ramadan, with the Indonesian Digital Consumer Institution reporting a 30% increase in cases compared to other months. this trend mirrors a global pattern observed in late 2024, where online travel agent impersonations surged, targeting organizations within the hospitality sector.

The Anatomy of a Phishing Attack: Storm-1865

Microsoft Threat Intelligence has identified a persistent phishing campaign,dubbed Storm-1865,active since December 2024 and continuing into February 2025 across Southeast Asia and beyond. This campaign employs complex Clickfix techniques to pilfer user credentials through deceptive login pages and seemingly legitimate captchas.

Storm-1865 is characterized by a multi-stage approach, often targeting both hospitality organizations and their customers.The goal is to steal payment details and other sensitive data.

Targeting Hotels and Business Partners

Attackers send fraudulent emails, masquerading as order platforms, to hotels and their partners. These emails typically urge employees to update accounts, verify transactions, confirm reservations, or address guest complaints, all under the guise of maintaining the company’s reputation.

These emails contain links or PDF attachments that redirect users to fake login pages, complete with fake captchas to enhance credibility. Unsuspecting victims are then tricked into running commands that download data-stealing malware, granting hackers access to conduct fraudulent transactions.

Exploiting Hotel Guests

notably, Storm-1865 also targeted hotel guests in 2023, employing similar social engineering tactics through various order platforms.

Protect Yourself: staying Safe During Lebaran Travel

given the elevated risk,travelers must exercise heightened caution when interacting with communications purportedly from hotels or travel services. Consider these preventative measures to avoid becoming a victim of phishing during the Eid al-Fitr 2025/1446 Hijri season:

• Verify Interaction Channels: Ensure you are communicating solely through official hotel or travel agent accounts. Scrutinize the sender’s email domain to confirm its authenticity.
• Secure Your Network: Refrain from logging into sensitive accounts via public or unencrypted Wi-Fi networks, which are vulnerable to man-in-the-middle attacks.
• Inspect Email Addresses: Be wary of emails marked with an “[External]” tag or originating from suspicious domains. Exercise extreme caution with emails that demand immediate action,as these are often hallmarks of phishing attempts.
• Direct Verification: If you receive a suspicious email requesting login credentials or payment information,avoid clicking any links. Instead, navigate directly to the service’s official website to verify the request. Hover your cursor over links before clicking to inspect the URL; if it appears suspicious or deviates from the expected address, do not proceed.

The Growing Threat of Cybercrime: A Statistical Overview

The rise in phishing attacks during peak travel seasons underscores a broader trend of escalating cybercrime.According to a recent report by Cybersecurity ventures, global cybercrime costs are projected to reach $10.5 trillion annually by 2025, highlighting the urgent need for increased awareness and proactive security measures.

“Cybercrime is the greatest threat to every company in the world.”
Cybersecurity Ventures