top of page

Don’t get burnt before you’re on the beach: Action Fraud reports over £15m lost to holiday fraud

Action Fraud, the national reporting centre for fraud and cybercrime, has today published new data showing that in the last financial year, it received 6,457 reports of holiday fraud, amounting to over £15m lost.

Victims reported losing a total of £15,319,057, a 41% increase on last year’s results, which amounts to an average loss of £2,372 per victim. From May - August alone, more than £4.6m was lost.

With the summer months seeing the highest levels for holiday fraud reports, Action Fraud has launched a national awareness campaign today to urge the public to think twice before booking a holiday, so consumers don’t get burnt before they are on the beach.

Pauline Smith, Head of Action Fraud, said:

“With summer only just around the corner, we enter a period where fraudsters ramp up efforts to catch out unsuspecting members of the public.
“Scammers prey on people wanting to find a good deal online – whether that’s cheap flights, great hotels close to the beach at discounted rates or package holidays that undercut well-known travel operators and brands, people are more than willing to snap up a deal which sometimes comes at a heavy cost.
“When booking a holiday here or abroad, it’s important to do your research before handing over any money and to double check any website. To avoid the wave of crime this summer we encourage people to stop, check and research before paying. If it sounds too good to be true – it most definitely is.”

Anna Bowles, Head of Consumers and Enforcement at the UK Civil Aviation Authority, which runs the ATOL financial protection scheme, said:

"Before booking any trip abroad it is always worth doing some homework before you part with any money to make sure you limit your risk of being impacted by fraud. Make sure you research the company you're booking through - check reviews and ensure that your booking includes all the extras you're expecting, such as baggage allowance and transfers.
“We also recommend some simple measures to financially protect your well-earned holiday, including using the website to check your trip is financially protected by ATOL, consider paying by credit card and taking out travel insurance as soon as you book. This will add extra layers of protection against anything going wrong with your booking.”

Data revealed that the top 10 hotspots of people being caught out by holiday fraud in the UK were as follows: London, West Midlands, Greater Manchester, Thames Valley, West Yorkshire, Hampshire, Essex, Sussex. Avon and Somerset and Kent.

Here in the East Midlands, our five police forces reported the following figures:

Leicestershire Police - 127 reports

Nottinghamshire Police - 84 reports

Northamptonshire Police - 69 reports

Derbyshire Constabulary - 66 reports

Lincolnshire Police - 40 reports

That's a total of 386 reports of holiday fraud across the region.

Interestingly, people in their 20s and 40s who reported losses accounted for 44 per cent of all reports, further dispelling the myth that only older people are targeted by fraudsters.

Holiday fraud encompasses many different tactics employed by criminals to dupe unsuspecting members of the public. The most frequent frauds are clone comparison websites, airline websites and holiday websites.

At a quick glance it would appear you are on a trusted site, whereas in reality the URL has been changed. Here, victims assume they are on the genuine site and willingly hand over money at a great cost.

Fake confirmation emails or booking references are even sent, which has resulted in some cases of victims only realising they have fallen victim to fraud when they are at the airport to check in for their flight to be told that their booking does not exist.

An emerging trend is fraudsters using counterfeit Air Travel Organisers’ Licensing (ATOL) protect numbers on their fake webpage. All credible and trusted companies are provided with a number that shows the company has passed the regulatory checks by ATOL, with this number being unique to the website. Recently, fake websites have used duplicate or fabricated numbers which have been edited onto an ATOL logo.

ATOL recommends double checking all numbers on websites and with travel operators before handing over any money. If you do pay, use a credit card as this can offer greater protection should you lose your money.

Tops tip to avoid falling victim to holiday fraud

  • Stay safe online: Check the web address is legitimate and has not been altered by slight changes to a domain name - such as going from to .org.

  • Do your own research: Booking your trip via a company you haven’t used before? Do some research to check they're legitimate. Read feedback from sources that you trust, such as consumer websites. You can find a company’s official website by searching for them on Google or another trusted search engine.

  • Look for the logo: Check whether the company is an ABTA Member. Look for the ABTA logo on the company's website. If you have any doubts, you can verify membership of ABTA online on their website. If you're booking a flight as part of a package holiday and want more information about ATOL protection, or would like to check whether a company is an ATOL holder, visit the ATOL or CAA website.

  • Pay safe: Book your holiday with a credit card, if you have one. Most major credit card providers protect online purchases, and are obliged to refund you in certain circumstances. Using a credit card (rather than a debit card) also means that if your payment details are stolen, your main bank account won’t be directly affected

  • Check the paperwork: You should read through the terms and conditions, and be wary of any company that doesn’t provide any at all. When booking through a holiday club or timeshare, get the contract thoroughly vetted by a solicitor before signing up.

  • Trust your instincts: If a deal sounds too good to be true, it probably is. Don’t be lured in to what you think is a bargain holiday.

  • Secure your email: If your email is hacked, it could allow a criminal to access information about your holiday booking. Use 3 randoms words to create a strong password for your email that’s different to all your other passwords. If you’re offered 2-step verification to protect your email and social media accounts, always use it.

If you think you’ve been a victim of fraud, contact your bank immediately and report it to Action Fraud online at or by calling 0300 123 2040, or call Police Scotland on 101.



Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).



The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.


EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page