booking
Booking Logo

CAUTION: Don’t get caught up in these common Booking.com scams

BUSINESS TOURISM
LinkedIn

Booking.com has become one of the main e-commerce platforms in the travel sector for those looking for deals on hotels and holiday accommodation, but also for services such as car rental and airline tickets. In fact, it is the most visited travel and tourism website worldwide, having processed more than one billion bookings in 2023, double the number recorded in 2016.

Apparently, the popularity of Booking.com has not escaped the attention of cybercriminals, who are always on the lookout for victims on high-traffic online services, say experts at global digital security firm ESET.

Booking.com itself has acknowledged the scale of the problem and has seen a staggering “500 to 900% increase” in travel fraud over the last 18 months. This increase is largely due to the use of tools such as ChatGPT by cybercriminals since November 2022.

With the holiday season in full swing, let’s take a look at some of the most common scams involving Booking.com and what to look out for, according to ESET experts, when using this platform.

Phishing

(Reddit)

Emails, text messages and social media messages are a key element in the fraudsters’ arsenal. In these types of scams, fraudsters impersonate a trusted platform or organisation to trick their victim into believing they are in contact with the official representative of the website.

Obviously, Booking.com is not immune to these scams, the scammers pretend to be representatives of the platform, hotel or other agency that the victims have booked through the website.

They often concoct a plausible story and create a sense of urgency by trying to trick the victim into clicking on a link to make a new payment in order to fix a supposed bug or not to lose their reservation, says Christian Ali Bravo from the ESET team.

The availability of generative AI tools has paved the way for more convincing and effective scams. By creating phishing emails that are grammatically correct, with proper content and without the red flags that could alert the recipient, cybercriminals can easily trick people and businesses into downloading malware onto their devices, disclosing sensitive information or transferring money.

Hacked conversations

Some scammers may go a step beyond sending random phishing messages. There have been several reports of cybercriminals finding a way to trick their victims through the platform’s own messaging system.

After finding a way to get into the accounts of the hotels where holidaymakers made their bookings, they contacted a large number of people directly via in-app chat and urged them to make a payment to confirm the booking.

The scammers claim that there was a mistake in the previous payment, demanding a repeat payment to avoid losing the reservation. In other variations of this trick, fraudsters would ask for credit card or passenger details to verify or confirm the booking.

While this did not occur as a result of a breach of Booking.com’s systems or infrastructure, it is advisable to be wary of any communication that asks for your personal or payment details.

Non-existent… accommodation

Many holiday accommodations look like something out of a fairy tale. Over the years, many holidaymakers have been scammed by fake listings. In this case, cybercriminals advertise a luxury home that can be rented at a low price and instruct their victims to pay, even through Booking.com. Upon arrival, you will find that the accommodation does not exist or that the property is not for rent.

In fact, in a short period of time, Booking.com’s monitoring systems kick in – the fake listings are discovered and removed. However, your holiday may already be ruined, so it’s best to do your research before you book.

Look for reviews and ratings for the place, check if the price is roughly similar to that of ‘competing’ houses or apartments and reverse search the image to see what is shown – it is likely to be a free stock image or stolen from other websites. The bottom line is that if something looks too good to be true, it usually isn’t.

Fake job offers

The text or message on social media is pretty straightforward: “We need someone to evaluate hotel reservations. We pay $200 to $1,000. All you need to do is rate or like the hotel at (fake link on Booking.com).” That’s how the message offering side hustle jobs, supposedly from Booking.com, starts. It is also a variation on popular scams involving working from home.

Victims are asked to pay a deposit to secure a job and/or send their personal information, such as social security numbers or other information that can be used to commit identity theft. In some cases, scammers may have their eye on your cryptocurrency or other information.

How to stay safe? Booking.com does not hire people to do hotel reviews and does not recruit people through text messages. Recruitment is done through Booking Careers, and there are no jobs on the platform that require people to review hotels.

12 tips to avoid Booking.com and other travel scams

ESET’s Christian Ali Bravo gives us 12 tips that will go a long way in helping those who use Booking.com stay safe:

  • Whenever you contact someone representing Booking.com or a hotel you’ve booked, look out for the typical signs of a phishing email, such as urgent requests for supposedly immediate action.
  • Always verify that emails come from the official agent and be wary of spelling mistakes.
  • If you receive a suspicious message, go directly to the website and log into your account to verify it.
  • Booking.com never asks for information such as your full credit card details, social security number or passwords via email or chat.
  • Avoid clicking on links in unsolicited emails or text messages.
  • Make payments through the official Booking.com platform. Avoid transferring money directly to the hotel.
  • Check the reviews and ratings of the property on Booking.com and look for reviews that are authentic and detailed. Check and cross-check details and images of the accommodation on other travel sites or platforms.
  • Make sure your devices have up-to-date security software to protect against malware and phishing attempts.
  • Keep your operating system and other software up to date to protect against security vulnerabilities.
  • Protect your online accounts with strong and unique passwords or passphrases and two-factor authentication.
  • If you experience any suspicious activity, report the issue to Booking.com customer service.
  • If you suspect that your payment details have been compromised, notify your bank or credit card provider immediately

ESET

For more than 30 years, ESET® has been developing leading information security software and services to protect businesses, critical infrastructure and consumers around the world from increasingly sophisticated digital threats. ESET’s solutions cover a wide range, from endpoint and mobile device protection to endpoint detection and response, as well as encryption and multi-factor authentication.

ESET’s high-performance, easy-to-use solutions protect and discreetly monitor 24/7, updating its defenses in real-time to keep users safe and businesses running smoothly. Evolving threats require an IT security company that enables secure use of technology. This is supported by ESET’s R&D centers around the world, working to support our shared future.

Post Views: 1,066
Tagged

Σχετικά άρθρα

Posidonia

POSIDONIA rescheduled for October 2020

michael-parulava-lciwYx5XVOk-unsplash

Mabrian unveils new travel trends for Russian tourists in 2022: Turkey tops the list

WTTC and Hotelbeds uncover Global Tourism Trends

Leave A Comment

Leave a Reply

Your email address will not be published. Required fields are marked *