Skurio upgrades cyber threat warning for ex-employees and customers of Thomas Cook

2 October, 2019

Advice follows detection of the dramatic increase in suspicious domain registrations since firm’s collapse

Skurio Ltd, a provider of Digital Risk Protection solutions, today stepped up warnings for ex-employees and customers of Thomas Cook asking for increased vigilance with respect to any digital communications using the Thomas Cook name. The move follows a flurry of web domain registration activity, which can be used to power phishing attacks, detected as part of Skurio’s routine scanning processes.

Thomas Cook, had contracted Skurio to monitor surface, deep and Dark Web sources to provide early data BreachAlert detection services. As part of this service, Skurio has been running automated scanning for new domain registrations claiming to offer Thomas Cook services. The service looks for domains set up with subtle spelling errors or additional terms a customer might expect to see, in order to send phishing emails, create fake social media accounts or capture customer details online.

Since the company’s compulsory liquidation announcement on 23rd September, Skurio detected the registration of 53 new website domains with names relating to Thomas Cook in just seven days. Some of these have been registered with good intentions and for legitimate purposes. A significant number however have been set up in order to exploit ex-employees and customers of Thomas Cook, particularly those seeking advice or compensation.

Skurio Ltd is working with Thomas Cook to continue monitoring the situation and to keep customers informed of important developments. Meanwhile, ex-employees and customers are advised to treat any social media posts or emails mentioning Thomas Cook with suspicion and avoid clicking through on links they might contain. Customers should visit the dedicated CAA site for information about compensation claims and note the precise format of this link as similar variants are among the newly registered domains.

Enquiries to:

Code Red Security PR

[email protected]