As international travel is reaching new highs, so is cybercrime targeting travelers.
Joint research by NordVPN and Saily exposes the dark web’s growing market for stolen travel documents — from passport scans to loyalty accounts — and shows just how cheap it is for criminals to buy your identity.
Scanned global passports can sell for as little as $10 and up to $200, while verified EU passports fetch over $5 000. Fake bank statements, visa stickers, and hacked airline loyalty accounts with millions of miles trade for hundreds of dollars. Even Booking.com reservations are resold at steep discounts, often for $250 or more.
“The staggering prices we’re seeing on the dark web show just how valuable and vulnerable travelers’ personal information has become,” says Marijus Briedis, chief technology officer at NordVPN.
Travel data turns into cash for cybercriminals
Travel documents fall into the wrong hands via several basic methods. Cybercriminals deploy malware to scan devices and cloud storage for sensitive files. Breaches at airlines, visa platforms, and travel agencies leak passenger information.
Meanwhile, phishing sites impersonating official websites trick users into uploading passports and visas. Even publicly shared cloud folders with lax permissions can be easily discovered and exploited. Physical documents like boarding passes, lost or discarded in airports, also find their way onto the dark web.
“Travelers are reporting AI-powered phishing scams, from fake check-in platforms requesting selfies with ID documents to fraudulent airport lounge and WiFi registration pages,” says Vykintas Maknickas, CEO of Saily. “With AI tools now easily accessible to criminals, these phishing attempts have become simple to make, remarkably convincing, and difficult to spot.”
Travel documents a goldmine for hackers
Travel documents are valuable because they combine high resale potential with simple use. Many online platforms only require a passport scan and selfie for identity verification — a process criminals can bypass using deepfake technology.
Stolen passenger records often include full names, dates of birth, passport numbers, email addresses, phone numbers, and emergency contacts, enabling criminals to commit complex, targeted fraud.
With this data, criminals can commit identity theft, open fraudulent accounts, or apply for loans. They can also launch phishing or social engineering attacks using personal and travel details to trick victims or their contacts.
“Travel documents are a goldmine for hackers because they offer direct access to your identity with minimal barriers,” says Briedis. “This makes stolen travel data incredibly valuable and dangerous.”
Digital defense for travelers
NordVPN and Saily urge travelers to take immediate action to safeguard their data. Sensitive travel documents should be stored in encrypted digital vaults rather than publicly accessible cloud folders. Travelers must also stay vigilant against phishing attempts and verify URLs before submitting information.
Maknickas says that the best defence against modern social engineering is maintaining a healthy skepticism. “As scammers use personalized, context-aware tactics, a brief moment of critical thinking before responding to a digital request is the most effective shield. If something feels off, try to verify the communication through other channels.”
Briedis adds: “Travelers should keep devices updated with antivirus software and use VPNs on public WiFi to encrypt online activity and block malware. They should also regularly monitor financial and loyalty accounts to detect suspicious activity early as well as report lost or stolen documents promptly to limit exposure.”
Methodology. The research was conducted by NordVPN and Saily researchers between June 10 and June 20, 2025, using data analysed through NordStellar, a threat exposure management platform. The dissected information came from dark web marketplaces and hacker forums where stolen travel documents and related data are advertised for sale. The examined data included listings of passports, visas, loyalty accounts, and booking details, along with their prices. The analysis focused on the availability, pricing, and risks of travel document trafficking to raise awareness and guide travelers in taking precautions.