Booking.com customers targeted in major new phishing campaign

Booking.com hotel accounts used in elaborate phishing schemes

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A compromised Booking.com hotel account was used in an elaboratephishingscheme aiming to empty customer bank accounts, a new report from cybersecurity experts Perception Point claims.

As per the report, an unnamed hotel has had its Booking.com account compromised, with the threat actors using this access to get a list of its clients, as well as their personal data: names, booking dates, hotel details, and partial payment methods. Then, they crafted a malicious landing page, seemingly identical to the original Booking.com site, and reached out to people who’ve had bookings coming up.

In the message, they said that the bookings were at risk of cancellation within a day, if the users didn’t “test” their credit card details - by submitting them on the fake landing page.

Booking.com phishing

Booking.com phishing

The fact that the message was coming from the hotel could be enough to get some people to trust it and add their payment data. But if that wasn’t enough, the landing page came pre-filled with some personal information belonging to the victims, further adding credibility.

As dangerous as the attack may seem, it might only be the tip of the iceberg. The researchers are warning that this incident could be part of a larger pattern, as similar things were seen with previousinfostealingcampaigns targeting the accommodation industry.

Users are advised to be extra careful when receiving emails and social media messages claiming to be from hotels. Messages that cry urgency and demand things be addressed at once are a major red flag.

“Perception Point’s research indicates that this is far from an isolated incident or a small-scale scam. We estimate that hundreds of hotels and resorts worldwide have fallen prey to these breaches. The ripple effect? Thousands of targets, if not more,” the researchers concluded, adding that the attackers banked “hundreds, to thousands of dollars.”

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

ViaInfosecurityMagazine

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

VIPRE Security Group says its new endpoint protection tools can stamp out even the latest cybersecurity threats