Posted on June 5, 2018 at 3:34 PM
A new scam by cyber criminals has been uncovered, and this one involves a popular website called Booking.com. The company features a number of guest houses and hotels, and their customers started receiving emails and WhatsApp messages which asked users for their payment details.
A new scam
A large number of hotels and guest houses that are being featured via Booking.com have been targeted by phishing emails in the latest scamming campaign by cybercriminals. According to reports, the emails contained some legitimate information, including the names, phone numbers, addresses, reference numbers, costs, as well as booking dates. All of this has led customers of the website to believe that the requests for information, that they soon started receiving, were real.
According to Booking.com’s spokesperson, the company’s systems were not compromised. They stated that the protection and security of both, customers, as well as their business partners, are of the highest priority. The company uses the best technology available to them in order to protect this data, and they are also introducing the new innovations in order to ensure that their security is of the top quality.
The spokesperson continued to claim that the systems were not compromised in this case, but that a number of properties were, in fact, targeted by phishing attacks. It is possible that by clicking on the links provided by the emails, the properties accidentally managed to lose some of the data to the hackers. Despite the fact that this was not officially confirmed, the website has contacted the guests and notified them of the situation. It is also actively trying to compensate anyone who has suffered a loss due to the scam campaign.
Other noteworthy attacks on travel firms
This one is only the latest in the long line of recent cyber attacks that have been hitting the travel industry, with the summer approaching. Another incident was reported just last month when Ryanair notified their customers of the newest WhatsApp scam via their Twitter account. According to them, the scammers impersonating the company were offering free tickets via WhatsApp. The company quickly pointed out that they don’t even have an official presence on WhatsApp, and has advised anyone who has received any offers via this platform to ignore them and to delete the messages.
Please beware of a fake WhatsApp promotion offering free Ryanair tickets.
Ryanair is not active on WhatsApp and the only place to win Ryanair flights is on our official Facebook and Twitter accounts, both of which have the ‘blue tick’ verification ✔️🛫 pic.twitter.com/FiQhSWzlR3
— Ryanair (@Ryanair) May 28, 2018
The customers were also advised to report the scams to UK’s national cybercrime reporting center, Action Fraud.
Another incident reported in March has seen a hack of Expedia’s subsidiary called Orbitz. According to reports, the subsidiary was attacked, and it is possible that the attackers managed to access info from more than 880,000 payment cards. The cards affected were those used in the time period from January 2016 to December 2017.
With the summer approaching, a lot of people have already started planning their vacations, which might leave them open for similar scamming attempts. There are several steps that you can take in order to protect yourself. For example, always use known companies for booking your trips, and don’t fall victim to a scammer with an unreal offer.
Use complex passwords that consist of 12 or more characters, and always seek out other people’s reviews. Try to find those that look authentic. Additionally, try to always pay via credit card, get a travel insurance, and make sure that your trip is ATOL-protected.