Planning a summer trip? Make sure that "confirmation e-mail" sitting in your inbox isn’t a trap.
Cybercriminals are ramping up travel scams this season, and they're not just targeting individuals – they're aiming squarely at Salt Lake City businesses, including insurance advisors like you. Fake travel confirmations are landing in inboxes across the city, disguised as legitimate e-mails from trusted brands like Delta, Marriott, or Expedia. All it takes is one click from a distracted agent or office manager to put your agency’s data, money, and reputation at risk.
Even savvy professionals are falling for these.
Here’s How The Scam Works
- A Fake Travel Confirmation E-mail Arrives
It might say:
- “Your Trip To Denver Has Been Confirmed! Click Here For Details"
- “Action Required: Confirm Your Hotel Stay"
- “Your Flight Itinerary Has Changed – Click For Updates"
The e-mail appears to come from a real company. The formatting is flawless. The logo is perfect. There may even be a fake “customer support” number.
- You Click The Link
The e-mail pushes you to "log in" to confirm or update payment info.
But the website you land on is fake. It looks real enough, but the moment you enter your login credentials or payment info, the hackers have them.
- Damage Is Done
- Your credentials get used to access airline or hotel accounts.
- Your business credit card is charged for fraudulent reservations.
- Malware may be installed, compromising your device—and your entire office network.
Why It Works So Well
- It Looks Legit: Phishing e-mails now mimic legitimate booking confirmations almost perfectly.
- It Triggers Urgency: Seeing "flight issues" makes people act without thinking.
- Your Staff Is Distracted: Between quoting policies, processing renewals, and answering client calls, no one is combing through e-mails with a forensic lens.
It’s Not Just A Personal Risk – It’s A Business Risk
At Qual IT, we see this often. Insurance firms in Salt Lake are especially vulnerable because they frequently travel for conferences, CE events, or client meetings.
Most firms have one person handling travel logistics—maybe your office manager, maybe even you. And because that person is used to seeing dozens of confirmation e-mails, a fake one doesn’t always raise red flags.
A single click could:
- Expose your company card
- Compromise shared login credentials
- Infect your systems with ransomware
All from one fake itinerary.
What Can Salt Lake Insurance Advisors Do?
- Verify Booking Info Manually
Never click the e-mail link. Instead, go directly to the official airline or hotel website to log in and check.
- Inspect the E-mail Address Closely
"@deltacom-support.com" is not the same as "@delta.com." Look carefully.
- Educate Your Staff
Anyone booking travel for your firm should be trained on spotting phishing scams.
- Turn On Multi-Factor Authentication (MFA)
Even if passwords get stolen, MFA adds a strong safety net.
- Secure Your Business E-mail Accounts
Qual IT offers managed e-mail security solutions tailored for insurance firms. We scan for malicious links, fake domains, and suspicious attachments before they reach your inbox.
Don’t Let A Fake E-mail Derail Your Agency’s Momentum
Cybercriminals strike when they know you're off guard. Summer travel season is their sweet spot. If you or your staff books travel for work, you're a prime target.
Let’s make sure your Salt Lake agency is protected.
Start with a FREE Cybersecurity Assessment from Qual IT. We’ll scan for vulnerabilities, check your e-mail defenses, and help you train your team.
Click here to schedule your FREE assessment now.
Stay safe out there,
Austin McDonald
Cybersecurity & IT Partner to Salt Lake Insurance Advisors
Qual IT
