Cloud over your summer getaway: hackers set sights on Booking.com hotels


Malicious hackers have infiltrated a prominent hospitality app, so you should be extra careful when booking your next holiday.

Recently, we published an exclusive investigation examining the dangers of using various hospitality apps. It turns out that hotel and transfer apps hold a treasure trove of your data, sometimes even failing to inform you that they have that information.

While you take time off, malicious hackers don’t. Given the rising demand for hotels, they’re increasingly targeting apps like Booking.com to drain your wallet.

Well-established apps like this might give you a false sense of security. Unfortunately, a big and prominent brand is, in this case, no shield from crooks. In fact, it’s quite the opposite, as they try to get in through every loophole they can think of.

Security company Bitdefender warned that threat actors have been increasingly hijacking hotel accounts on Booking.com.

Here’s how the scam typically plays out. First, fraudsters send phishing emails to hotel staff. Once someone clicks on the malicious link, the hotel’s system is infected with malware that eventually gives threat actors access to sensitive customer information.

Once they have users' details, they contact them directly, often pretending there’s been an issue with a certain booking and that a new payment needs to be made.

“This type of scam is particularly effective because it exploits the trust customers place in reputable platforms and the legitimate appearance of the communications they receive,” Bitdefender warned.

Fraudsters quite commonly also post fake listings, luring victims with lower prices.

The Booking.com tech support scam is also among the popular traps. Crooks try to convince victims that there’s been suspicious activity on their account and they need to follow a link for assistance.

So, how can you avoid these scams if they’re everywhere?

1. Be wary of amazing deals: If a hotel deal looks too good to be true, it’s probably a scam. Stop dreaming and move on.

2. Carefully check your emails: Look at the email address, subject line, and who the email is addressed to. Do not trust any correspondence requesting immediate action.

3. Avoid unconventional payment methods: No hotel will ask you for a wire transfer or direct bank deposit.

4. Do not trust urgent language: This is a popular scammer technique – causing stress so that you don’t have time to think over your decision. Usually, fraudsters tell you they will cancel your booking if you don’t pay immediately.

Bitdefender’s report focuses on Booking.com since it’s one of the most popular players in the market, with over 28 million accommodation listings. But don’t be mistaken – criminals will go after every app and every vacationer, no matter how rich or poor.