While you’re busy making your summer travel plans, scammers are busy concocting schemes and laying traps to steal your identity, vacation dollars and hard earned points.

Travelers, even savvy ones, are finding it increasingly challenging to dodge the bad actors. Unfortunately, advances in artificial intelligence are helping criminals become more adept at scamming unsuspecting victims.

As a consumer advocate and TPG’s travel ombudsman, my case files are filled with the aftermath of these scams. The good news is that you can avoid falling prey to fraudsters if you know what to look for.

Here are the most costly travel scams to be aware of this summer, how to avoid them and what to do if you’re already a victim of one.

AI voice phishing scams (aka vishing)

Recently, I received a call from the American Express Security Department — at least that’s what the caller ID showed. When I picked up, a female voice informed me that the call was being recorded. Addressing me by my first and last name, she said the matter was urgent and involved legal issues with my “Amex Green Card.”

That’s a card I do not have.

But since I frequently write about scams, and I’m always interested in hearing about new ones, I continued the call. What can I say, it’s a professional interest!

The AI-generated voice was not entirely robotic, but it had a noticeable lag time and difficulty pronouncing numbers. As the fake American Express agent tried to confirm my phone number, it stumbled, stopped and had to restart the entire conversation.

I told the AI agent I didn’t believe the call was from American Express and it even feigned insult.

Reward your inbox with the TPG Daily newsletter

Join over 700,000 readers for breaking news, in-depth guides and exclusive deals from TPG’s experts

By signing up, you will receive newsletters and promotional content and agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.

“Miss Michelle, I am a real human being. I am Ms. Lee,” the voice told me. “Check your caller ID. I am calling from 1-800-528-4800, American Express Security. I’ll wait while you check the number. You’ll see I am telling the truth.”

While that is the actual number for the American Express Security Department, I was certain “Ms. Lee” was not calling from it.

Ms. Lee asked me if I was traveling since someone was using my card in multiple destinations around the world. She said that the Department of Homeland Security was investigating me because “seven firearms” had been purchased with my card.

When I didn’t express shock and panic, and instead just said, “Okay,” Ms. Lee said I needed to understand the serious nature of her call. As “she” told it, the authorities could detain me at any time. But she had a solution to my problem, of course.

If I sent her copies of my passport, social security card and credit card, she could forward the documents to Homeland Security on my behalf. This would prove my identity and stop the investigation. We had to act quickly before my arrest warrant was issued, though, she warned me.

So, of course, I ran straight to my pocketbook to get all of those personal documents so Ms. Lee could steal my entire identity. Just kidding.

You might think there is no way anyone would fall for this type of convoluted story. But my case files show that vishing scams are surprisingly successful. The AI-generated voices are convincing enough to consumers who are not familiar with the technology. The panic and sense of urgency created by the bot keep the victim off-kilter just long enough to accomplish the scam.

Victims who have contacted me have reported receiving similar calls from AI agents claiming to represent cruise lines and airlines. Regardless of what company the voice says it represents, the end goal is always the same: to steal personal information and cash.

Here’s how you can spot similar vishing scams and how to avoid their worst consequences:

• Don’t be fooled by the number on your caller ID. Scammers can make any number or identity appear on your phone. If you’re unsure whether your credit card company is calling, hang up and call the official number on the back of your card.
• Like most scams, vishing calls are designed to create panic and confusion. The caller may tell you the police are on their way for you, that the IRS is investigating you or that your bank account is hacked — anything to frighten you into following the scammers instructions.
• AI voice cloning is still imperfect. Unnatural pauses, unusual cadence and stumbling over common words and then beginning all over are signs that you’re speaking to an AI agent.
• If you receive a suspicious call, hang up and call the official number for the company.

You can report phishing and vishing attempts by scammers pretending to be calling from your credit card company through the following channels:

• spoof@AmericanExpress.com.
• abuse@bofa.com
• internetsecurity@barclays.com
• Capital One’s cyber abuse form
• phishing@chase.com
• spoof@citi.com
• emailwatch@discover.com
• reportphish@wellsfargo.com

Bait-and-switch or ghost vacation rentals

Vacation rentals can be a great alternative to hotels, especially for families and larger groups. But there is danger lurking on sites like Airbnb and Vrbo. Some listings are fake and exist only to lure unsuspecting travelers into expensive scams.

From bait-and-switch schemes to nonexistent properties, I’ve investigated hundreds of vacation rental nightmares over the years.

A common misunderstanding shared by many travelers is that Airbnb and Vrbo vet all the properties on their platforms. They don’t, but that belief helps scammers to fly under the radar on the listing sites and capture more victims.

Before confirming a vacation rental, there are a few things you can do to decrease the chances of falling for a scam.

• Read the reviews. On platforms like Airbnb and Vrbo, reviews are tied to confirmed guest stays, making them more reliable than testimonials posted on random websites. If a property has no reviews, consider that a yellow flag. It may simply mean the property is new to the market, but it’s worth proceeding cautiously.
• Examine the photos. In 2026, nearly everyone has a high-quality camera built into their phone. Legitimate hosts want to show their property in its best light. Fraudsters don’t particularly care about the images, preferring instead to lure victims with unusually low rental prices. Listings with low-quality, blurry, or grainy photos are one indicator that the listing might be a scam.
• Check Google reverse images. Take a screenshot of some of the images and drop them into Google’s reverse image search. Scammers often lift photos from other listings, real estate sites and even furniture ads.
• Don’t book outside the platform. Bad actors want to get their victims off the platform and away from the security protections provided there. With offers of discounts and other bonuses to take the transaction private, the next step often involves payments via wire transfer, Zelle or even cryptocurrency.

Another of the most common scams vacation rental guests encounter are bait-and-switch schemes. After confirming the reservation, the “host” suddenly claims the property is unavailable due to flooding, maintenance issues, double-booking, or another emergency. Then comes the offer of a “replacement” property.

Travelers have been led to rundown properties resembling flop houses rather than the expected luxury rental. If your host attempts to switch you into a substitute rental and it isn’t comparable, walk away and contact the listing platform immediately.

Fake customer service scams

One of the most expensive travel scams circulating right now often begins with something deceptively simple: a Google search.

Travelers searching online for an airline, cruise line, or hotel customer service numbers are increasingly being directed to fake call centers run by scammers. By the time the victim realizes they are not speaking to a legitimate representative, thousands of dollars may already be gone.

These scams often begin when a traveler is stressed, stranded, or desperate for help. A canceled flight, denied boarding situation, or urgent refund request creates the perfect environment for scammers to step in pretending to be customer support.

Think about it: You’re stuck in the airport with a flight cancellation and an hours-long line for help at the counter, so you Google your airline’s customer service number hoping for a faster resolution. Only that number you’re calling belongs to a scam call center instead.

To avoid that fate, here are some red flags travelers should watch for:

• The phone number appeared in a sponsored ad, a social media comment, or an online forum. Scammers are planting their fake call center numbers all over the Internet.
• The “agent” informs you there is an urgent problem with your reservations and pressures you to act immediately.
• You may be asked to pay fees through Zelle, wire transfer, gift cards, or cryptocurrency.
• The representative discourages you from hanging up and calling the company back directly.
• A random, incoming call from someone who has urgent news about your “reservation.” Scammers have turned to cold calling their victims as travelers have been increasingly aware of the fake customer service numbers populating the internet search results. Never volunteer personal details on a call you didn’t initiate.

The safest way to avoid a fake customer service scam is surprisingly easy: Always go directly to the airline, cruise line, or hotel’s official website or mobile app and use the contact information published there.

Toll road text scams (Smishing)

If you’ve recently received a text message claiming you owe money for an unpaid toll, you’re not alone.

Fake texts — also known as smishing (SMS phishing, or “smishing”) scams — have exploded across the United States over the past year.

These scam messages are designed to look urgent and official, warning that you owe a small amount of money and threatening late fees, suspended vehicle registrations, or other penalties if you don’t pay immediately. Sometimes the message claims the authorities will be coming to arrest you if the payment isn’t quickly received. The text usually includes a link that appears to lead to an official payment page.

It doesn’t.

Instead, the link leads to a fake website designed to steal your credit card information, banking details and other personal data.

One reason these scams are so effective is that many travelers actually use toll roads while on vacation. After returning home from a road trip or rental car journey, receiving a text about an “unpaid toll” can seem believable.

There are several red flags travelers should watch for:

• The text creates a false sense of urgency and alarm.
• The message comes from a strange phone number or email address and sometimes lands in your spam inbox.
• The website linked in the text looks suspicious or slightly misspelled.
• The toll amount is small enough that victims may pay it quickly without questioning it.
• The punishment doesn’t fit the crime. (No, the Department of Justice is not coming for you if you don’t pay a toll.)

If you receive a text claiming you owe unpaid tolls, don’t click the link. Instead, go directly to the official toll agency website or contact the rental car company if you were driving a rental vehicle. You can report these scam attempts to the Federal Trade Commission.

Scammer-placed QR codes (Quishing)

QR codes became extremely popular during the pandemic when restaurants, hotels, and other businesses began using them for contactless menus, payments and check-ins. Unfortunately, scammers quickly realized these codes could also be used to trick unsuspecting travelers.

“Quishing” scams involve fraudsters placing self-created QR codes over legitimate ones in airports, parking garages, tourist areas, restaurants and other public places. When a traveler scans the code, they are redirected to a fake payment page or a malicious website designed to steal financial or personal information.

The NYC Department of Transportation recently issued a warning about scammers placing QR codes on parking meters in the city. Tourists who scan the code are directed to an AI-created website that looks official, but it isn’t. Instead of paying for parking, the victims of this scam are personally delivering their credit card information to criminals.

Some QR codes direct users to websites that mirror the login pages of legitimate airlines, hotels, cruise lines or other travel companies.

There are several ways travelers can protect themselves from QR code scams:

• Avoid scanning QR codes that appear tampered with, covered by stickers, or placed awkwardly over another code.
• Before entering payment information, check the website address that opens after scanning the code. Scammers often purchase domains that closely resemble official websites, so do examine the URL carefully.
• Whenever possible, use an official app or manually type the website address instead of scanning an unfamiliar QR code.
• Be cautious about scanning QR codes posted in public places where anyone could have placed them.

Fake travel agents and “helpers” lurking in Facebook groups

Travel-focused Facebook groups can be helpful places to exchange advice, compare experiences and ask questions. Unfortunately, scammers know that too.

Over the past few years, I’ve investigated multiple cases involving travelers who believed they were speaking with legitimate travel agents, airline representatives, or helpful group members inside Facebook communities. Instead, they were communicating with scammers posing as travel experts or customer service agents.

These fraudsters often monitor posts from frustrated travelers seeking refunds, canceled reservations, or urgent help. Within minutes, the victim may receive a comment or direct message from someone claiming they can “fix” the problem.

Frequently, the fake agents convince travelers to move the conversation from Facebook to WhatsApp, Telegram, or private text messages. The victim is then instructed to send a small payment via Zelle, Wise, wire transfer, or cryptocurrency for tickets, refunds, or “processing fees.” Once the money is sent, it’s gone for good.

Cruise-related Facebook groups have become especially attractive targets for scammers because travelers frequently post detailed information about upcoming trips, booking problems and refund disputes. Fake airline customer service agents also routinely appear in comments beneath posts from stranded or frustrated passengers.

Travelers should remember:

• Anyone can join most Facebook groups and create an official-looking profile.
• A company logo or travel-themed profile picture does not prove someone works for an airline, cruise line, or travel agency.
• Scammers often pressure victims to continue conversations privately through direct messages.
• Requests for payment through Zelle, cryptocurrency, gift cards or wire transfer are major red flags.

If you need help with a travel problem, contact the airline, cruise line, hotel, or booking platform directly through its official website or app — not through a stranger in a Facebook group offering “assistance.”

Bottom line

Don’t let scammers steal your hard-earned travel dollars. It’s crucial that travelers familiarize themselves with the latest scams they may encounter before, during and even after their vacation. That’s right; the risk doesn’t end the moment you get home.

The bad actors are aiming for you, so you’d better be ready for them.

Of course, if you have already become a victim of a travel scam, you can send your request for assistance to ombudsman@thepointsguy.com. I’ll be happy to review the details of your fiasco and help you, too, if I can.