Holidaymakers are being warned to slow down before scanning QR codes, clicking booking links or entering card details, as travel scams become more convincing ahead of the summer rush.

Travel scams linked to QR codes, fake booking confirmations and “reservation hijacking” are gaining attention across travel media, with The Points Guy warning travellers about “quishing” scams and Reader’s Digest reporting that fake booking confirmations and travel updates are among the scams concerning American travellers this summer.

Jürgen Himmelmann, travel expert at Global Work & Travel, says the biggest risk is that these scams no longer look obvious.

He said: “The old idea of a travel scam was someone selling a fake tour on the street. The newer version is much harder to spot because it often looks like normal travel admin.

A QR code in an airport, a hotel payment message, a flight rebooking link or a booking confirmation email can feel completely routine when you are tired, rushing or trying to get online abroad. That is exactly when people make quick decisions.

The scam I would be most alert to this summer is what I call the four-tap scam. You scan, open, enter details and approve payment before you have properly checked who you are paying.”

Recent warnings have highlighted fake QR codes being placed over legitimate ones, phishing messages that appear to come from trusted travel brands and scams using real booking details to trick travellers into making payments. Wired recently reported on “reservation hijacking”, where scammers use genuine booking information to make fake payment requests appear more credible.

Jürgen says travellers should watch out for four common scams this summer:
Fake QR codes in airports, hotels and taxi ranks
Scammers can place stickers over genuine QR codes, sending travellers to fake payment pages or login forms.

Fake booking confirmation emails
These can look like they are from a hotel, airline, Booking.com, Expedia or another travel platform, but the link directs travellers to a fraudulent payment or verification page.

“Reservation hijacking” messages
These use real details such as your hotel name, travel dates or booking reference to make the scam feel legitimate.

Street-level distraction scams
Solo travellers remain vulnerable to “friendly chat” bar scams, bracelet scams, charm scams and fake donation approaches in busy tourist areas.

Jürgen added: “The habit that defuses most of these scams is simple: do not act through the link or QR code in front of you. Open the official app, type the website into your browser, or go to the hotel, airline or transport provider directly.

If a message says your booking will be cancelled unless you pay now, that is the moment to pause, not panic. Genuine travel companies do not usually need you to make urgent payments through a random link.

Travellers should also consider using a virtual card or a travel money card with spending limits, because it reduces the damage if details are compromised. Keep your main debit card away from unfamiliar payment pages while travelling.”