What is a 'Dark Web Travel Agency'?

A 'Dark Web Travel Agency' operates on the dark web, offering travel services like flight and hotel bookings. These agencies use stolen credit card information, obtained through methods like Infostealers, to purchase travel products and then resell them to customers at significantly discounted prices.

How are these stolen travel bookings resold?

The stolen travel bookings are resold on dark web forums and marketplaces, often disguised as 'cheap travel' deals. Listings are typically offered at 40-60% below the original price. The services offered have expanded from flights and hotels to include rental cars and even delivery coupons.

What is the significance of World Backup Day in relation to this news?

World Backup Day (March 31st) serves as a reminder to review and strengthen digital data protection. This news highlights the risks of compromised personal data, emphasizing the importance of secure practices and backups to mitigate the impact of cyber threats like Infostealers.

What measures can consumers take to protect themselves?

Consumers should be cautious about suspicious emails and software downloads, use strong, unique passwords, enable two-factor authentication where possible, and regularly back up their important data. Using a reputable VPN service like NordVPN can also help protect online activity and data.

Warning Issued on March 31st World Backup Day

Q: What is an Infostealer?

An Infostealer is a type of malware that secretly collects and transmits sensitive information from an infected device, such as credit card numbers, passwords, cookies, and browser saved data, to external parties. It can infect devices through email attachments or unauthorized software downloads.

Published Mar 30, 2026 7:00 PM ・ Updated Jun 2, 2026 1:01 PM ・ 7 min read ・ Source: PR TIMES

NordVPN releases findings from an investigation into card fraud by infostealers and the reality of dark web travel agencies.

NordVPN (Headquarters: Amsterdam, Netherlands, Japan Representative: Takuro Ohara), a provider of personal security services, has announced the results of a survey on the damage caused by the information-stealing malware 'Infostealer' conducted by its threat exposure management platform, 'NordStellar,' in 2025. The investigation analyzed 913 pieces of data collected from dark web forums and Telegram groups between 2021 and 2025. It revealed the reality of 'dark web travel agencies' that use stolen credit card information from infostealers to fraudulently purchase airline tickets and hotel reservations, reselling them on the dark web. 92.5% of listings were sold at a 40-60% discount from the list price. In addition to hotel reservations (18.2%) and airline tickets (13%), the scope has recently expanded to include delivery coupons such as Uber Eats (21.7%). March 31st is 'World Backup Day' every year. On this occasion to re-examine the protection of digital data, NordVPN calls for renewed consumer caution ahead of the Golden Week and spring travel seasons. In Japan, the damage from fraudulent credit card use is also becoming more serious. According to statistics from the Credit Saison Co., Ltd., the total amount of damage in 2024 reached a record high of 55.5 billion yen. 92.5% of this was due to the theft of card numbers, and a connection to the spread of infostealers has been pointed out (Source: Credit Saison Co., Ltd.). *Infostealer is malware that secretly collects and transmits information such as credit card numbers, passwords, cookies, and browser saved information from infected devices to external parties. It infects devices through attached files in emails or unauthorized software downloads, stealing user information without their knowledge. The dataset for this investigation also included manuals detailing the perpetrators' procedures, revealing that these methods are systematically shared and passed down.

What are 'Dark Web Travel Agencies'? Dark web travel agencies offer services similar to legitimate travel booking sites, but their actual operations take place in hidden marketplaces and forums on the dark web. Criminals use stolen credit card information from the dark web to purchase legitimate travel products and then resell them to third parties at significantly discounted prices. Analysis of data collected by NordStellar between 2021 and 2025 (913 valid entries) revealed the following: ・92.5% of listings were sold at a 40-60% discount from the list price, a sophisticated resale tactic disguised as 'cheap travel.' ・The most common category was hotel reservations (18.2%), followed by airline tickets (13%), Airbnb reservations (5.6%), and rental cars (5.2%). Package deals combining flights and accommodation were also frequently confirmed. ・In recent years, the scope has expanded to include delivery coupons. Transactions were most common for Uber Eats (21.7%), followed by DoorDash (16.2%) and Amazon (10.1%). ・Cryptocurrencies and cash apps are frequently used for payments. A system for building trust through 'escrow' (third-party custody) is also in place. <im

FACT BOX

Source: PR TIMES
Category: News

Warning Issued on March 31st World Backup Day

⚡ Key Points

FACT BOX

Editorial & Verification Standards

FAQ

Cite this article — HOW TO CITE

AI CRAWLER ACTIVITY