The attacks on the online platform booking.com aim to infect the accommodation's computer system with malware or to access customer data. Our partners at Watchlist Internet have looked at the attack and are warning you.
Booking.com scam #1: Malware via email
An alleged guest contacts the property with a request to send a direct email address. The fraudsters claim to want to send directions to the hotel. The reason for this is, for example, that you are traveling from China and Google Street View does not work there. The alleged guest has created a map with the route to the hotel and would now like to have this confirmed. The addition that these are seniors who don't know their way around very well is also often used. Here is an example of such a message:
Here in the German translation:
The accommodations will then receive an email which – as announced – contains a link. Here is an example of such a message:
However, malware is hidden behind the link. The exact damage that can be caused is currently unclear. However, the fraudsters seem to be after the booking.com access data in order to take over the accommodation account. However, it is also possible that other passwords stored in the web browser can be accessed.
Caution! Virus scanners do not necessarily detect the malware
The dangerous links and attachments are only recognized by a few anti-virus scanners. Therefore: Be particularly careful with such requests and do not open any unknown links or files. You can report attempted attacks to [email protected] , to the Cybercrime Reporting Office ( [email protected] ) and using our reporting form .
booking.com scam #2: Collecting customer data
The second scam involves phishing messages. However, these messages are sent from your extranet account. The criminals gained access to your account by successfully carrying out the first attack described or through other security holes.
Cybercriminals contact your guests and, as a first step, ask them to confirm the reservation. Another message claims that there are problems with payment or credit card details. To fix the problem, customers should click on a link and enter their credit card details. These end up directly in the hands of criminals. Here, too, the main communication does not take place via booking.com, but via email or WhatsApp.
Here's how to protect yourself from these scams
- Inform your employees about these cyberattacks. This particularly applies to employees who are responsible for online communication with guests.
- Cybercriminals try to circumvent booking.com's security measures by using other communication channels. It is therefore best to use the booking.com messenger. If communication is via email or WhatsApp, you need to be particularly careful.
- Check links before clicking them. You can scan potentially dangerous links on the virustotal.com
- Keep antivirus programs up to date to detect new threats.
Have you been a victim? Contact booking.com to report the fraud and get your account back . We also recommend filing a free criminal complaint with the police.
Source:
Watchlist Internet
Already read? A current Mimikama fact check: Criminal network dismantled as part of the international operation “Dawnbreaker”.
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )