With summer travel ramping up and global events driving record passenger numbers through airports and hotels, cyber‑criminals are becoming increasingly sophisticated and business travellers are prime targets.
One of the fastest‑spreading threats this season is the so‑called “4‑tap scam”, a tactic designed to trick travellers into handing over personal data or payment details in just a handful of clicks.
For professionals who spend much of the year on the move, understanding how this scam works — and how to avoid it — is now as essential as packing a power bank.
Jürgen Himmelmann, travel expert at Global Work & Travel, says the biggest risk is that these scams no longer look obvious.
He said: “The old idea of a travel scam was someone selling a fake tour on the street. The newer version is much harder to spot because it often looks like normal travel admin. A QR code in an airport, a hotel payment message, a flight rebooking link or a booking confirmation email can feel completely routine when you are tired, rushing or trying to get online abroad. That is exactly when people make quick decisions.
The scam I would be most alert to this summer is what I call the four-tap scam. You scan, open, enter details and approve payment before you have properly checked who you are paying.”
What the 4‑Tap Scam Looks Like
The scam typically appears in places where travellers are most distracted: airport lounges, hotel lobbies, public Wi‑Fi portals and even booking confirmation emails. It often takes the form of a pop‑up or message prompting you to “verify your booking,” “confirm your Wi‑Fi access,” or “secure your luggage delivery.” The design is slick, the branding convincing, and the journey short — just four taps to hand over sensitive information.
Why Business Travellers Are High‑Value Targets
Corporate email addresses, loyalty accounts, stored payment cards and access to company systems make business travellers particularly attractive to scammers. A single compromised device can expose far more than a holiday itinerary — it can open the door to corporate data, client information and internal networks.
How to Protect Yourself on the Road
The good news: avoiding the scam is straightforward once you know what to look for.
Be sceptical of urgency. Any message that demands immediate action especially around payments or verification should raise a red flag. Legitimate providers rarely require instant responses.
Avoid public Wi‑Fi login pop‑ups. If you must connect, go through the official airport or hotel website manually rather than tapping through a prompt that appears on screen.
Check the sender before clicking. Booking confirmations, upgrade offers and “your room is ready” messages should always come from a verified domain. If in doubt, open your airline or hotel app directly.
Use a VPN for all work‑related browsing. It’s a simple layer of protection that dramatically reduces risk on public networks.
Keep personal and corporate accounts separate. Mixing them makes it harder to spot suspicious activity and easier for scammers to escalate an attack.
The Bottom Line
The 4‑tap scam succeeds because it exploits the moments when travellers are tired, rushed or simply trying to get online between flights. For business travellers, the stakes are higher and the consequences more far‑reaching than a compromised holiday booking.
A few seconds of caution can prevent hours of disruption, data loss or corporate fallout. As travel volumes surge this summer, staying alert is just as important as staying connected.
