Booking.com Users Beware: New Scam Targets Hotel Bookings

Highlights

• Hackers gain access to hotel systems linked to Booking.com.
• Scam involves sending fake emails to hotels and installing harmful software.
• Hackers deceive customers into paying them directly through Booking.com.
• Booking.com working with partners to secure systems and recover lost funds.

The digital age is a bonanza for hackers to scam users and Booking.com is the latest to have fallen prey to it.

As per reports, these cybercriminals have been operating since at least March, employing various deceptive methods to carry out their scams on the travel website.

How the Scam Works

Here is a little brief on how the scam unfolds though and we think it should be made clear that they haven’t directly hacked Booking.com website.

Instead, the hackers begin by gaining access to hotel systems linked to the site. They often pose as former guests claiming to have left passports behind.

Through this pretense, they send emails to hotel staff with links that, when clicked, install harmful software on the hotel’s computers.

This software then searches for and can access Booking.com information.

Once inside the system, the hackers view details of customers who have booked rooms or holidays.

They then contact these customers through the official Booking.com app, pretending to be the hotel, and deceive them into paying money directly to them.

This is a scam that users should be cautious about and any kind of transfer should always be done through the Booking.com website or app.

Increasing Sophistication of the Scam

However, even with all the vigilance this booking.com scam is getting more sophisticated and is increasing in reach and effectiveness.

Hackers are now paying other criminals to gain access to more hotel systems. The scam is successful because it often appears that the emails are coming from trusted sources.

This makes it easier to deceive genuine customers.

One such victim, Lucy Buckley, was tricked into transferring £200 through the Booking.com app to what she thought was a hotel in Paris.

Although she later got her money back from the bank, the money had been sent to an account in Moldova.

Actions Taken and Recommendations

Booking.com is aware of this scam and is working to help partners secure their systems and assist customers in recovering lost funds.

Cyber-security experts suggest that hotels on Booking.com should implement additional security measures, such as multi-factor authentication, to prevent unauthorized access.

Also sometimes hackers spoof the original website with a counterfeit one and extract user details, so always be vigilant.

FAQs

What is the Booking.com scam?

The Booking.com scam involves hackers accessing hotel systems linked to Booking.com. They send deceptive emails to hotel staff, install malware, and then use this access to deceive customers into paying them directly, often pretending to be the hotel.

How do hackers carry out this scam on Booking.com?

Hackers pose as former hotel guests and send emails to the hotels with malicious links. When clicked, these links install software that grants access to Booking.com information. The hackers then contact customers through the app, masquerading as the hotel, to solicit direct payments.

What should Booking.com users do to stay safe?

Users should be cautious and always ensure that any payments or communications are done through the official Booking.com website or app. Be wary of direct payment requests from hotels and verify all communications for authenticity.