Phishing emails that try to deceive by posing as a well-known company are increasingly common, but it is far less common for them to include details of customer reservations, as the ones circulating around Booking do.
For around five years, Booking users have been sharing scam attempts that exploit the travel agency's brand to try to deceive them.
These emails are received by customers who have made a reservation through the well-known portal, and their peculiarity is that they include specific details of it, such as the name of the accommodation, the type of room, the dates and even the total cost or the reservation confirmation number.
The emails are addressed to the person who made the reservation, identified by first and last name, and look very similar to a legitimate email from Booking.com. In some cases they report a problem with the payment process; in others, they urge the recipient to confirm the reservation by pressing a button that redirects to a web page identical to that of the real portal.
The address from which they are sent does not raise suspicion either. On some occasions, if the user has given a phone number as a contact, they may receive a WhatsApp message about the reservation on behalf of the accommodation, as happened to a reader of Ars Technica.
These emails appear even if the customer has not shared the data online, as is the case with this reader, Ars Technica points out, which leads to suspicion of some type of data leak.
Scam attempts this detailed can be traced back to 2018 on portals like Reddit, where users shared their experience of receiving phishing emails. One of the forum participants at the time pointed to a possible cause: a "hack" of the portal that the platform manages separately with the hotels it works with.
Hotels became the target of phishing attacks that ended up compromising their systems, as Booking detailed in 2018 to the Express newspaper and has repeated in a statement sent this Wednesday to Ars Technica, almost five years later.
Specifically, the most recent statement reads: “We have been made aware that some hosting partners have been targeted by phishing emails, which unfortunately has led to their systems being compromised. Although the security breach was not at Booking.com, we know that the accounts of some of our accommodation partners have been affected. Booking.com quickly blocked these accounts to help reduce risk and our teams are actively supporting these accommodation partners to ensure they can quickly and safely resume their listings on our platform. We are also actively supporting any potentially affected customers as our security teams continue to investigate this issue.”