AI Agents Are Bookings’ Biggest Growth Area. So Is Fraud.
Travel merchants and operators are navigating a fundamental tension in 2026. On one side, AI agents are converting more bookings than ever. On the other, those same agents are opening new attack vectors that legacy fraud systems were never designed to catch. The result is a hidden crisis that is quietly eroding margins, destroying customer trust, and forcing a rethinking of how the industry handles identity and intent.
According to DataDome, a specialist in bot and agent trust management, 78% of consumers now rely on generative AI for online shopping. In travel specifically, AI agents handle flight searches, accommodation comparisons, and itinerary planning with increasing autonomy. For brands, this drives conversions and reduces friction. For fraudsters, it creates a vastly larger surface area to exploit.
Credential Stuffing Hits Loyalty Programs Hard
Travel loyalty programs, valued at $328.02 billion in 2024 according to Market Research Future, have become prime targets for automated fraud. Bots armed with stolen credentials run credential stuffing attacks at scale, logging into accounts and redeeming points for flights, hotel nights, or merchandise before the legitimate account holder notices anything is wrong.
The consequences extend beyond the stolen points themselves. Each successful account takeover triggers support costs. High-value travelers, the ones merchants can least afford to lose, are often the targets precisely because their accounts hold the most value. The erosion of trust is difficult to measure but real.
The Agent Takeover Problem
Perhaps more alarming is the emergence of compromised or impersonated AI agents. Legitimate AI agents acting on behalf of real consumers are increasingly common. But fraudsters have learned to hijack those same agent sessions to make unauthorized bookings, drain loyalty balances, and access sensitive personal data including passport details and payment information.
Traditional bot detection systems, built to distinguish human traffic from automated visits, were not designed for this. The challenge has fundamentally changed. Merchants and operators now need to verify visitor identity and assess intent in real time, distinguishing between three overlapping categories: legitimate AI agents acting for real consumers, malicious bots scraping pricing data, and compromised agents that misuse legitimate systems.
Inventory Manipulation and Price Scraping
AI agents can extract large-scale data on pricing, availability, and inventory at speeds no human could match. Competitors can use this intelligence to adjust their own pricing in real time, effectively free-riding on a merchant’s data investments. More maliciously, bad actors can attempt to block inventory or create artificial demand signals that distort the market.
For operators running dynamic pricing or limited inventory offers, this is a direct competitive threat. The merchants most exposed are those with differentiated pricing models, exclusive inventory, or promotional campaigns that rely on scarcity signals remaining intact.
Why Most Travel Sites Are Not Prepared
More than 90% of travel sites are reportedly not fully protected against even basic automated threats, according to DataDome. The gap between AI adoption and security maturity is wide and growing. Legacy fraud tools look for patterns associated with human behavior. AI agents, even malicious ones, often behave in ways that pass those checks because they mimic legitimate automated workflows.
The operational challenge for merchants is compounded. AI agent traffic can look legitimate by every metric a traditional system checks, yet represent fraudulent activity. The only reliable detection method is intent-based analysis that happens in real time at the session level.
What Operators and Merchants Need to Do Now
The path forward requires a different security posture. Bot detection alone is insufficient. Travel brands need identity verification systems that can distinguish legitimate from malicious agents in real time, behavioral analysis that flags unusual loyalty redemptions and booking patterns, and API-layer controls that protect pricing and inventory data from mass extraction.
For merchants building or integrating AI booking capabilities, vendor selection matters. Working with fraud prevention partners that have travel-specific threat models is now a baseline requirement, not a nice-to-have. Merchants who assume their existing security stack handles AI agent threats should audit that assumption immediately.
The opportunity in agentic commerce is real. Brands that handle it well will gain visibility, customer trust, and competitive positioning. Those that do not will absorb the losses, and those losses will compound quietly until they become impossible to ignore.
Key Takeaways for Travel Merchants and Operators
- Loyalty programs are under automated attack. Credential stuffing against loyalty accounts is rising fast. Points balances are being drained at scale, with support costs and customer attrition following.
- Agentic traffic blurs the fraud signal. Legitimate AI agents and malicious bots can look identical to traditional detection systems. Intent-based analysis is now necessary.
- Inventory and pricing data are exposed. AI-powered scraping enables competitors and bad actors to extract and exploit data that operators rely on for differentiation.
- The security gap is a business risk. More than 90% of travel sites lack adequate protection against automated threats. Merchants who close that gap first gain a durable advantage.
The AI booking boom is not reversing. Merchants and operators that treat fraud prevention as a technical backburner issue in 2026 are accepting a known, preventable loss. The smarter play is to treat it as infrastructure.
