"Booking.com Customers Targeted in Major Phishing Campaign"

According to security researchers at Perception Point, Booking.com users have recently become the focus of a new, large-scale phishing campaign.  The campaign follows a methodical four-step process.  The researchers noted that to initiate their scheme, the attackers gain unauthorized access to hotel systems, effectively taking control of the hotel’s Booking.com account.  This initial breach sets the stage for their subsequent actions.  Once in control of the Booking.com account, the attackers extract the personal data of hotel guests.  This includes names, booking dates, hotel details, and partial payment methods.  The researchers stated that in the third phase, the attackers utilize the stolen data to craft messages designed to play on the fears and urgency of potential victims.  Guests are alerted that their bookings are at risk of cancellation within 24 hours unless they promptly provide their credit card details under the guise of a verification “test.”  In the final step, the attackers lead their victims to a phishing page that mimics Booking.com.  The researchers noted that this fraudulent page comes pre-filled with victims’ personal information, and the deceptive URL further adds to the confusion.  Here, victims are prompted to re-enter their credit card or bank information, unknowingly providing it to the attackers.

Infosecurity reports: "Booking.com Customers Targeted in Major Phishing Campaign"