Be careful if you book a hotel on Booking! The platform is facing a surge in scams, with scammers not hesitating to use ChaGPT and other AI to carry out their scams.
If you have the chance to go this summer, you may be booking your stay on travel sites. For this, online platforms like Trivago, Booking or Kayak are extremely practical. However, be careful of the scams that are proliferating at the moment! Indeed, the summer period is a real boon for scammers of all kinds, and in particular for scammers who redouble their activity and ingenuity to trap tourists and vacationers looking for good deals. Cybercriminals have understood this well and are setting up various scams based on promotions and other irresistible offers to better lure their victims. And with their popularity and colossal number of users, online booking platforms are fueling their desire…
Booking, the famous online hotel reservation site, is sounding the alarm about the proliferation of scams, and in particular phishing. “Over the past year and a half, all industries combined, we have seen an increase of 500 to 900% in attacks, particularly phishing, throughout the world,” explained Marnie Wilking, head of information security at Booking, on the sidelines of the Collision technology conference in Toronto. A phenomenon which can be explained by the use of ChatGPT by cybercriminals and which exploded shortly after the official release of the chatbot.
As a reminder, phishing is the theft of identity or confidential information (access codes, personal data, bank details, etc.) by subterfuge, via a link contained in an email and identity theft. Thanks to generative AI tools, scammers “imitates emails much better than anything they’ve done before”because technology allows them to operate in several languages, to improve their spelling and grammar while avoiding mistakes, which often make it possible to spot this type of fraudulent e-mail.
To be sure to make as many victims as possible, scammers do not hesitate to contact hoteliers themselves by posing as a customer, via an email containing a corrupted attachment, in order to infect the servers. of the establishment.
To avoid being fooled, remember to activate double authentication when you register on the platform. In this way, in addition to having to enter your username and password, this system requires you to validate your identity through an additional factor, such as a one-time code sent to your smartphone or generated by an authentication application. You also need to use a little common sense: if a link seems suspicious, do not click and, if in doubt, prefer call the establishment directly.