Internet

Be careful if you have booked through Booking! This is the new scam that is going to reach you

We are facing a Phishing attack in which they impersonate the identity of the hotel, but also of Booking. Attackers will be able to create a page practically modeled on the hotel reservation platform, but in reality it is a scam and all the data you enter will be stolen.

Phishing through Booking

This fact has affected different hotels and users from Booking. It is not just something with a specific establishment, since several people report a similar problem. But what exactly does it consist of? When you reserve a hotel through Booking, you can be in contact with that accommodation through the platform itself. Basically, you contact by private message and they can give you instructions on the arrival time, questions you have or any question. That’s what cybercriminals take advantage of.

What they have done is steal the hotel bill. By gaining access, they will be able to impersonate that establishment and contact customers. Of course, the client may not suspect, since they are receiving messages through the Booking website or application. That is the advantage that cybercriminals take advantage of.

Phishing scam by Booking

Once they have managed to take control of the hotel’s Booking account, create a fake page which pretends to be that of the accommodation platform. It is really very similar, with the name of the hotel, the price, the dates and everything as is. Now, if you look at the URL you will see that it is not the official Booking URL, although it does contain that name.

We are, as you see, facing a clear example of Phishing. They will send a message, with that URL attached, indicating that due to an update and changes, they need certain information that they must provide to confirm the reservation. They indicate that they must confirm that the data is correct, enter the bank card and in this way they can make the payment. Be careful because this has happened even in reservations in which it is not necessary to enter the card to confirm it.

Another similar case is the one shown by this user from X, formerly Twitter, in his personal account:

https://t.co/RKbWtLHSg9 #ScamAlert
Today I received a message within @bookingcom app from a property for which I booked a holiday later on the year.

Two messages asking with a sense of urgency to confirm my credit card details or the booking may be cancelled.

(thread) https://t.co/d4HwVCKwwU

September 21, 2023 • 19:05

Steal money

What they do is basically steal money. At least they are going to steal the amount that the hotel reservation costs. Beyond that, to power get card details, they could also, in the future, make additional charges. At the end of the day, they are going to steal that sensitive information and be able to use it.

What should you do to avoid problems? The advice is clear: never pay money, or enter personal information, or bank card information, outside the Booking platform. If you receive an email from the hotel requesting something like this, it is advisable that you contact them by another means outside the platform. For example, you can call by phone, contact by WhatsApp, etc.

It is important that contact, since this way you will cut the chain as soon as possible and the establishment will be aware of what is happening. In one of the cases that we have been able to contact from RedesZone, the hotel itself, when the client asked about this fact, indicated that they had indeed been victims of a computer attack, that they were working to solve it and that they should not pay attention to that. message.

Beyond this specific problem that affects Booking hotels, you should always carry out secure purchases and reservations In Internet. We recommend using wallet or rechargeable cards, since if you are a victim of a similar scam, they could not steal more than the money you have allocated.

In short, if you receive an email from Booking, specifically from a hotel with which you have a reservation, and they tell you that you must make a payment through an external link or send the card details in some way, don’t do it now that it is a Phishing attack. It is always a good idea to verify that a website is safe to buy from.

Related Articles