ADVERTISEMENT

Hackers use Booking.com scam to hijack hotels

Hotel staff who think they’re confirming a reservation might be booking themselves a front-row seat to a cyberattack instead.

booking hotel

Image by Cybernews

Paulina Okunytė
Paulina Okunytė Senior Journalist
Apr 4, 2025 Updated: 4 April 2025 2 min read

How does the phishing scam work?

Booking.com phishing scam
Source: Malware Bytes
Booking.com phishing scam
Source: Malware Bytes
ADVERTISEMENT
  • vencys[.]com – Used in the fake Booking.com emails.
  • bokcentrpart[.]com – Hosts the CAPTCHA trap that delivers the malicious code.
  • captpart[.]info – The final payload where the Trojan is downloaded.

Booking.com is often used for phishing scams

vilius Ernestas Naprys Gintaras Radauskas Paulina Okunyte
Don’t miss our latest stories on Google News
Add us as your Preferred Source on Google.

How to avoid phishing scams?

  • Never trust urgent emails. If Booking.com really needs you to confirm something, log into the site manually.
  • Check the email sender’s domain. If it’s not booking.com, it’s probably scammers.
  • Don’t click suspicious links. If a link in an email is telling you to verify something, it’s probably a scam.
  • NEVER run copied commands in Windows unless you know what they do. If someone is telling you to paste code into a command prompt, they’re probably hacking you.
  • Use security training for hotel staff. Teach employees to recognize social engineering attacks before they happen.
ADVERTISEMENT