Booking.com customers targeted in major new phishing campaign
A compromised Booking.com hotel account was used in an elaborate phishing scheme aimed at draining customers’ bank accounts, a new report from cybersecurity experts Perception Point claims.
According to the report, an unnamed hotel’s Booking.com account was compromised, and the threat actors used this access to obtain a list of its customers along with their personal data: names, booking dates, hotel details and partial payment methods. They then created a malicious landing page, seemingly identical to the original Booking.com site, and targeted people who had an upcoming booking.
In the message, they said that the bookings were at risk of being canceled within a day unless the users ‘tested’ their credit card details by submitting them to the fake landing page.
The fact that the message came from the hotel could be enough for some people to trust it and enter their payment details. But if that wasn’t enough, the landing page was pre-populated with personal information from the victims, further increasing its credibility.
As dangerous as the attack may seem, it could be just the tip of the iceberg. The researchers warn that this incident could be part of a larger pattern, similar to previous information-stealing campaigns aimed at the accommodation sector.
Users are advised to be extra cautious when receiving emails and social media messages claiming to be from hotels. Messages that convey urgency and demand that matters be addressed immediately are a major red flag.
“Perception Point’s research shows that this is far from an isolated incident or small-scale scam. We estimate that hundreds of hotels and resorts worldwide have fallen prey to these breaches. The ripple effect? Thousands of targets, if not more,” the researchers concluded, adding that the attackers had “hundreds to thousands of dollars” in their bank accounts.