Be careful if you have booked a hotel on Booking! Cybercriminals have in fact developed a new strategy to recover the personal and banking data of certain customers of the famous reservation platform.
At the slightest opportunity, cybercriminals show up! After scams involving tax returns, paying for a Spotify subscription or even purchasing tickets for the Olympic Games, scammers have developed a brand new technique. In fact, they are taking advantage of the end-of-year holidays to try to collect the personal and banking information of people who have booked on the Booking site. It must be said that with its popularity and its colossal number of users, the platform arouses the desire of cybercriminals, in the same way as the major social networks. And between the end-of-year holidays and the winter holidays, the time is ideal to carry out a vast phishing campaign intended to rob customers…
Booking: scammers try to steal your banking data
As revealed in a new report published by the specialist cybersecurity company SecureWorks, cybercriminals have recently developed a new trick to hijack Booking customer data. To do this, the hackers found a flaw in certain hoteliers using the platform.
First, the scammers contact an establishment listed on Booking in order to pose as customers who have forgotten an identity document. A friendly email which has only one objective: to gain the trust of hotel staff. When an employee responds to this email, they receive a second message in which there is a Google Drive link. Supposed to give access to a photo of the identity document, it is in reality a corrupted link. If the employee clicks on it, a computer worm allowing the establishment’s login credentials to be stolen is downloaded.
Cybercriminals, who therefore have direct access to the hotel database, can then contact real customers under the pretext of a payment problem with the establishment. A golden opportunity for hackers, who thus recover the victims’ personal and banking data.
Contacts with Booking: you must be vigilant
According to SecureWorks, hackers have been using Vidar, software already well known to cybersecurity experts, for several months. Since October, Booking establishment identifiers have been resold for between $30 and $5,000 on specialized forums. Worse still, some cybercriminals sell credentials for a fixed share of the money stolen from customers.
To combat this phenomenon, hotels registered on Booking are encouraged to use two-factor authentication. For your part, you should also be wary of your exchanges with Booking. If in doubt, it is recommended that you call the platform and confirm by telephone whether or not there are any payment problems.