ECONOMY & WORK
MONEY 101
NEWS
PERSONAL FINANCE
NET WORTH
About Us Contact Us Privacy Policy Terms of Use DMCA Opt-out of personalized ads
© Copyright 2023 Market Realist. Market Realist is a registered trademark. All Rights Reserved. People may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.
MARKETREALIST.COM / NEWS

Booking.com Struggles Against Rising Hotel Booking Cyber Frauds; How to Safeguard Yourself

The attackers, employing cunning tactics, utilized compromised hotel accounts to send deceptive emails and in-app messages to Booking.com customers.
PUBLISHED DEC 18, 2023
Cover Image Source: Pexels | Photo by Pixabay
Cover Image Source: Pexels | Photo by Pixabay

We live in an era where convenience often comes at the cost of cybersecurity. Booking.com finds itself at the center of a cybercrime storm. Cybercriminals are targeting unsuspecting customers through a sophisticated scheme that involves hijacking hotel accounts and manipulating users into divulging sensitive payment information.

Cover Image Source: Travel Trade Journal
Booking.com | Travel Trade Journal

A recent investigation by Secureworks, a prominent U.S.-based cybersecurity firm, has brought to light a concerning attack that unfolded in October 2023, per BBC. The attackers, employing cunning tactics, utilized compromised hotel accounts to send deceptive emails and in-app messages to Booking.com customers. These messages, seemingly originating from hotel owners, requested the confirmation of payment details for upcoming stays. The trap was set in stages, with the initial email carefully crafted to appear innocuous, void of any links or attachments that might trigger security alerts. The second email, however, contained URLs leading to seemingly legitimate documents hosted on services like Google Drive and Dropbox.

When recipients innocently downloaded the ZIP files, they unwittingly unleashed the Vidar infostealer. This malicious software enabled the perpetrators to seize control of the hotel's Booking.com account, granting them access to the Booking.com management portal, which harbored details of upcoming bookings. Exploiting this information, the fraudsters proceeded to send misleading emails directly to booked guests.

Pexels | Photo by Tima Miroshnichenko
Hacker | Pexels | Photo by Tima Miroshnichenko

The aftermath was swift and impactful. A Secureworks researcher recounted, "The day after the malware was executed, a hotel employee observed that multiple messages had been sent to upcoming guests from the hotel’s Booking.com account. Several hours later, hotel customers started to complain that money had been taken from their accounts." This fraudulent activity, though not a recent phenomenon, has witnessed a surge in intensity over the past year. Cybercriminals are now venturing into the dark web to broaden their pool of victims, as reported by the BBC. Booking.com users have expressed their frustration at the company's apparent failure to safeguard them against such cyber threats.

Booking.com, in response to the escalating issue, has pledged to introduce new safety features. However, they acknowledge that there is "no silver bullet" to eliminate the risk. The company urges users to remain vigilant and emphasizes that no legitimate transaction would ever require customers to provide credit card details through unconventional channels, such as phone calls, emails, or text messages, including WhatsApp.

Despite these assurances, some users voiced their displeasure with Booking.com's handling of the situation. According to the BBC, disgruntled users expressed their anger at the company's failure to prevent them from falling victim to cybercriminals. One user commented, "Booking.com users have spoken of their anger at the company’s failure to stop them falling victim to cyber-criminals."

Pexels | Photo by Max Rahubovskiy
Hotel room | Pexels | Photo by Max Rahubovskiy

In light of this growing threat, Secureworks advises organizations in the hospitality and travel industry to implement multi-factor authentication on their Booking.com accounts. Educating employees about social engineering campaigns and instilling a habit of double-checking URLs before opening them are essential measures to thwart potential attacks.

For individual customers, caution is the watchword. Secureworks recommends approaching any emails or app messages requesting payment details with skepticism, even if they seemingly originate from legitimate Booking.com accounts. Vigilance is crucial, and customers are advised to verify any payment requests that deviate from the details listed on their confirmation.

As Booking.com grapples with the fallout from this intricate cyber scam, the incident serves as a stark reminder of the ever-evolving tactics employed by cybercriminals. In an era where personal information is a valuable commodity, users must remain vigilant, and companies must continuously bolster their cybersecurity measures to stay one step ahead of those seeking to exploit the trust of unsuspecting customers.

MORE ON MARKET REALIST
The player, Lisa Santangelo, was dumbfounded by a puzzle that was allegedly reused by the show.
3 hours ago
The player, Brittany Brock was visibly shaken after the big $40,000 win in the Bonus Round.
5 hours ago
Steve Harvey was thoroughly entertained by the plans some of the contestants had for their final hour on Earth.
6 hours ago
Costco's executive membership costs $130 annually, and with it, you can enter the store up to an hour earlier on most days.
1 day ago
Not only the contestants, but the audience also took a dig at the host with their survey responses.
1 day ago
The guest was happy that she took the vase from her father's estate after falling in love with it.
2 days ago
Rick Harrison called in a forensic document examiner because he wasn't sure Carlo Gambino would sign his own checks.
2 days ago
The guest always believed his investment in the 1984 Howard Finster painting would pay off one day.
2 days ago
While the player, Kristin Cook was happy to take home over $26,000, fans were disappointed.
3 days ago
The contestant, Erwin Paminiano, was stumped by the Bonus Round puzzle, but took the loss in stride.
3 days ago
The host put his arm around the player, Daryl, and said he was 'shocked' when he got the correct answer.
3 days ago
Once again, Ken Jennings proved that players can have a lot of fun on the serious game show.
4 days ago
While Harvey was expecting to hear some funny responses, the ladies blew his mind with their powerful answers.
4 days ago
The player, Clint Ingalls' disastrous choice of letters gave him no chance in the end.
5 days ago
The show's expert, Alan Fausel, was astonished by the fabulous Richard Cosway drawing.
5 days ago
The high school teacher could barely contain her excitement after cracking the Bonus Round puzzle.
5 days ago
The founders of Vade Nutrition couldn't the refuse the offer from Mark Cuban and Alex Rodriguez.
6 days ago
The creator claimed that the Costco avocado didn't feel or taste real, especially when compared to a ripe, organic one.
6 days ago
The player, Kenneth Blount-Hames, was stumped by a simple, everyday phrase in the final round.
6 days ago
The painting had been with the guest for 30 years, and she was curious about it.
7 days ago