All of a sudden, your hotel contacts you when booking, but it’s a scam
Many hotels have lost access to their Booking.com accounts. Cybercriminals are now using an insidious scam to rip off guests.
Sarina Rauber almost fell for a scam.
Meanwhile, the 33-year-old blocked her credit card and contacted Booking.com to change her login details.
What happened to Sarina Rauber is not an isolated case: Warnings are already being sent online about a new form of credit card fraud.
20 min/Michael Scherer
However, Booking.com is keeping the number of victims confidential.
There are warnings online about a new form of credit card fraud.
Many hotels have lost access to their Booking.com accounts as a result.
According to Booking.com, hotels have been inundated with so-called phishing emails.
Cyber security experts explain how to protect yourself.
Reader Sarina Rauber (33) was on Thursday Via Booking.com from their hotel Contacted in Malta. Because she booked it, she didn’t think anything of it at first, she says. “I was sent a message via chat on the official website because I need to verify my credit card.”
A website sent by a woman from Argo A deceptively authentic appearance And their booking details included: “I was shocked to see my last name was there Amount for hotel Didn’t match the booking.” However, she broke down when she was asked for a second credit card, as the first one reportedly didn’t work.
The reservation keeps the number of victims confidential
“Not even a minute after I closed the window, I got a call from an unknown number and I didn’t answer.” Meanwhile, Sarina has blocked her credit card and contacted Booking.com to change her log-in details. “It was very treacherous and I’m very glad I didn’t lose any money.”
What happened to Sarina Rauber is not an isolated case: There are already warnings online about a new form of credit card fraud. At Anwalt.de. The booking platform itself is aware of the activities of cybercriminals, but does not want to specify the exact number of victims.
Hotel booking accounts were hacked
According to Booking.com, hotels are getting so-called phishing emails (see box): Cybercriminals have now hijacked their accounts. “However, Booking.com’s systems or infrastructure were not compromised,” the company said. Booking.com tries Help victims regain access to their accounts. “Essentially, we have teams looking after the security of accounts and constantly improving their processes.”
In addition, the site has provided its partners with tips and updated information on how to keep their accounts safe in recent months. This is because recently there has been an increase in cybercrimes through phishing emails. “Our priority is that our platform is secure and reliable for partners and customers,” says a company spokesperson.
This is how you protect yourself
According to Sven Fassbender, an expert in information security and co-founder of consulting firm Zentrust, accounts are more likely to be hacked at the start of the holiday season. “Many vacationers are currently under stress and don’t want to jeopardize their vacation at any cost, which increases the chances of such fraud.” It is a well-known method that cybercriminals take advantage of this and use chat to exert pressure on time and action.
As Fassbender says, as a general rule, hotels don’t contact their guests with direct payment requests via chat. “So if you receive such a request, you should not click on the link.” The next step is to contact the site’s customer service.
Tomaso Vasella, a cybersecurity expert and managing director of security firm Scip AG, recommends notifying the credit card company and authorities. “It is important to always be vigilant. If you find something funny, there’s usually a good reason for it.”
This is how fraud happens
According to the Zurich cantonal police, an instant scam is when fraudsters send phishing emails and SMS or WhatsApp messages to customers under the name of a booking site or hotel. In messages, cybercriminals will pretend that credit card information needs to be verified. To make the claims believable, fraudsters will use relevant customer booking data in their messages, which they have previously obtained through cyber attacks or other security breaches. Next, victims are directed to fake websites of holiday resorts via relevant links in the messages and are asked to enter their credit card details.
Stay up-to-date on your favorite topics and never miss news on current world events with daily updates.
Get the most important information direct to your inbox every day.
“Wannabe pop culture fanatic. Zombie advocate. Entrepreneur. Internet evangelist. Alcohol fanatic. Typical travel buff.”