Residents of the 36 countries participating in the U.S. Visa Waiver Program, including Australians, need to be vigilant when planning their trip.

Cybercriminals are taking advantage of a relatively new U.S. requirement for travellers from these countries to register online for travel authorisation.

Cybercrooks know that the only way to register for travel authorisation is online, through Homeland Security's Electronic System for Travel Authorisation (ESTA) site, and they have been busy building phony websites designed to take your information and money.

These sites prey on foreigner's lack of familiarity with official U.S.
Government sites and registration processes. When McAfee recently did a
simple search for "ESTA," "ESTA form," or "ESTA online registration" a variety of dangerous websites showed up in search results.

What's more, incidents of these fake visa sites have escalated over the last two weeks following the US Government's announcement of a $14 fee for travel authorisation, beginning September 8, 2010. Now scammers are asking for
credit card numbers and financial information as well as personal details on fake sites.

To help you stay safe, let's look at the ways that cybercrooks are trying to trick travellers, and review the right way to apply for travel authorisation online.

The Hook:

Cybercriminals set up fake websites designed to fool travellers into thinking that they are registering for U.S. travel authorisation.

These sites mimic the look and feel of the official ESTA site, and some even offer registration in multiple languages.

However, these sites have been crafted to steal users' money, and personal and financial information, or spread malware.

The Methods:

1) Form Filing Services - Some
fake sites offer to help travellers complete their travel authorisation form, for a fee. This fee can range from $30 to $250, far exceeding the $14 fee you would pay to do it yourself. 

While you may actually get your form registered, you should still regard these sites with suspicion.

Even if your form is filed, your personal information, such as your email address, credit card information, and travel dates, are now in the hands of cybercriminals.

2) Fake Government Sites - This kind of site is far more dangerous than the form filing services in that they are designed solely to extract your personal information, including your passport number, date of birth, and banking and credit card details.

They may also ask for information normally asked by U.S. immigration, such as for your criminal or medical history, and for details about family members travelling with you.

3) Form Download Sites - In this scam, users are asked to download the travel authorisation form. However, these downloads are nothing but malware designed to harm your computer or install malicious software. The actual ESTA site does not offer a downloadable form - you simply fill out the form using an online application.

The Dangers:

• Visitors to these fake sites face a series of dangers, including loss of money, identity theft, an infected computer, and even burglary since the scammers know what dates visitors will be away from home.
• Victims may also not be able to travel to the U.S. as planned since they did not get official travel authorisation.

Bottom Line:

• When applying for travel authorisation under the U.S. Visa Waiver Program, only use the official Homeland Security site at https://esta.cbp.dhs.gov/.
• Do not believe any website that offers to file the travel authorisation form for you, or asks you to download the form. Only you can only fill out the official form online at the above address.
• Be particularly cautious around high travel times, such as summer vacation and the holidays, since we expect these scams to increase over these periods.

Other tips to stay safe:

• When surfing the web, always use a safe search plug-in, such as McAfee® SiteAdvisor® technology, which warns you of potentially dangerous sites right in your search results
• Make sure to use comprehensive security software, such as McAfee Total Protection™ software, to protect you from viruses, spyware, adware and other emerging threats, and keep it up-to-date