Perception Point has recently discovered a sophisticated phishing campaign that specifically targets users of Booking.com. This campaign involves unauthorized access to hotel systems and the hijacking of hotel Booking.com accounts. The stolen personal information of hotel guests is then used to send targeted messages, urging victims to provide their credit card details within a 24-hour window [2]. This has resulted in significant financial losses and raised concerns about breaches of trust and potential misuse of personal data.
Description
In this large-scale attack, the perpetrators gain unauthorized access to hotel systems and take control of the hotel’s Booking.com account [2]. They extract personal information of hotel guests [2], including names [2], booking dates [1] [2], hotel details [2], and partial payment methods [2]. This stolen data is then used to send targeted messages to potential victims, urging them to provide their credit card details within a 24-hour window to prevent their bookings from being cancelled. The victims are directed to a phishing page that closely mimics the legitimate Booking.com site, where they unknowingly provide their credit card or bank information [2]. This campaign has had a global impact, affecting hotels and resorts worldwide and resulting in significant financial losses. It has also raised concerns about breaches of trust and potential misuse of personal data. The security team at Perception Point warns that this phishing attack may be part of a larger pattern observed in a previous InfoStealer campaign that specifically targeted hotels and travel agencies.
Conclusion
This phishing campaign targeting Booking.com users has had far-reaching impacts, affecting hotels and resorts globally and resulting in substantial financial losses [2]. It has also highlighted concerns about breaches of trust and the potential misuse of personal data. To mitigate the risks, users are advised to carefully scrutinize URLs, be cautious of urgent requests [1] [2], directly contact service providers for verification, share knowledge about phishing [2], and regularly monitor their accounts for any unauthorized transactions. The security team at Perception Point also warns that this attack may be part of a larger pattern, indicating the need for continued vigilance and proactive measures to protect against future attacks.
References
[1] https://vpninsights.com/news/booking-com-customers-a-target-of-sophisticated-phishing-attack/
[2] https://www.infosecurity-magazine.com/news/bookingcom-customers-targeted/
