LONDON, Aug. 13, 2025 (GLOBE NEWSWIRE) -- As international travel is reaching new highs, so is cybercrime targeting travelers. Joint research by NordVPN and Saily exposes the dark web’s growing market for stolen travel documents — from passport scans to loyalty accounts — and shows just how cheap it is for criminals to buy your identity.

Scanned global passports can sell for as little as $10 and up to $200, while verified EU passports fetch over $5,000. Fake bank statements, visa stickers, and hacked airline loyalty accounts with millions of miles trade for hundreds of dollars. Even Booking.com reservations are resold at steep discounts, often for $250 or more.

“The staggering prices we’re seeing on the dark web show just how valuable and vulnerable travelers’ personal information has become,” says Marijus Briedis, chief technology officer (CTO) at NordVPN.

Travel data turns into cash for cybercriminals

Travel documents fall into the wrong hands via several basic methods. Cybercriminals deploy malware to scan devices and cloud storage for sensitive files. Breaches at airlines, visa platforms, and travel agencies leak passenger information.

Meanwhile, phishing sites impersonating official portals trick users into uploading passports and visas. Even publicly shared cloud folders with lax permissions can be easily discovered and exploited. Physical documents like boarding passes, lost or discarded in airports, also find their way onto the dark web.

"Travelers are reporting AI-powered phishing scams, from fake check-in platforms requesting selfies with ID documents to fraudulent airport lounge and Wi-Fi registration pages," says Vykintas Maknickas, CEO of Saily. "With AI tools now easily accessible to criminals, these phishing attempts have become simple to make, remarkably convincing, and difficult to spot."

Travel documents — a goldmine for hackers

Travel documents are valuable because they combine high resale potential with simple use. Many online platforms only require a passport scan and selfie for identity verification — a process criminals can bypass using deepfake technology. Stolen passenger records often include full names, dates of birth, passport numbers, email addresses, phone numbers, and emergency contacts, enabling criminals to commit complex, targeted fraud.

With this data, criminals can commit identity theft, open fraudulent accounts, or apply for loans. They can also launch phishing or social engineering attacks using personal and travel details to trick victims or their contacts.

“Travel documents are a goldmine for hackers because they offer direct access to your identity with minimal barriers,” says Briedis. “This makes stolen travel data incredibly valuable and dangerous.”

Digital defense for travelers

NordVPN and Saily urge travelers to take immediate action to safeguard their data. Sensitive travel documents should be stored in encrypted digital vaults rather than publicly accessible cloud folders. Travelers must also stay vigilant against phishing attempts and verify URLs before submitting information.

Maknickas says that the best defence against modern social engineering is maintaining a healthy skepticism. “As scammers use personalized, context-aware tactics, a brief moment of critical thinking before responding to a digital request is the most effective shield. If something feels off, try to verify the communication through other channels."

“Travelers should keep devices updated with antivirus software and use VPNs on public Wi-Fi to encrypt online activity and block malware. They should also regularly monitor financial and loyalty accounts to detect suspicious activity early as well as report lost or stolen documents promptly to limit exposure,” says Briedis.

Methodology. The research was conducted by NordVPN and Saily researchers between June 10 and June 20, 2025, using data analyzed through NordStellar, a threat exposure management platform. The dissected information came from dark web marketplaces and hacker forums where stolen travel documents and related data are advertised for sale. The examined data included listings of passports, visas, loyalty accounts, and booking details, along with their prices. The analysis focused on the availability, pricing, and risks of travel document trafficking to raise awareness and guide travelers in taking precautions.

ABOUT NORDVPN

NordVPN is the world’s most advanced VPN service provider, chosen by millions of internet users worldwide. The service offers features such as dedicated IP, Double VPN, and Onion Over VPN servers, which help to boost your online privacy with zero tracking. One of NordVPN’s key features is Threat Protection Pro™, a tool that blocks malicious websites, trackers, and ads and scans downloads for malware. The latest creation of Nord Security, NordVPN’s parent company, is Saily — a travel eSIM app. NordVPN is known for being user friendly and can offer some of the best prices on the market. This VPN provider covers 165 locations across 118 countries worldwide. For more information, visit https://nordvpn.com.

More information: viktorija.gailiute@nordsec.com