Ever received a message about your vacation that seemed… off?
Yesterday, a friend of mine got a message claiming to be from Booking.com. It even included the reservation number and came from a legitimate-looking email address. But something just didn’t sit right.
🧳 Slovak hotel, English message? That’s your first clue. A Slovak host writing to a local customer would normally write in Slovak, not English.
🔗 The link pointed to hostelbility.com, not booking.com. Huge red flag: the host name right after https:// is the only part of a link that decides where you end up.
💳 Asking again for personal and payment details? If you’ve already booked and paid, that’s done and dusted; a real host has no reason to collect your card again.
⏱️ “24-hour expiration” scare tactic: no real business cancels a paid, confirmed reservation on a one-day ultimatum. Urgency exists to stop you from checking.
🔐 “Link is encrypted and safe”: thanks, but we’ll pass on the snake oil pitch. A padlock or the word “encrypted” says nothing about who owns the site.
📲 The reservation still showed as confirmed in the Booking.com app, so much for the “pending verification” claim. The official app or site is the source of truth, not the message.
So what happened?
After calling the hotel directly (they confirmed all was OK and didn’t ask for anything), my friend notified Booking.com and suggested they check whether the host’s account had been hacked. The property acted fast: changed passwords, scanned devices, and shut the backdoor.
The fraudster? Probably sitting in front of a blank screen, wondering why no one bit. 🪳
And this isn’t even rare...
🚨 In the UK alone, victims lost over £370,000[ref] in one year to Booking.com-style scams using fake payment links and urgency pressure.
🔍 KrebsOnSecurity[ref] reported that fraudsters are sending phishing messages through real Booking.com messaging channels after compromising hotel accounts, which is why a message can look entirely genuine and still be a scam.
🛑 Microsoft and Malwarebytes[ref] detailed attacks where hotel staff were tricked into running fake CAPTCHA links that installed credential-stealing malware, giving scammers full access to guest details and to the property’s messaging channel.
Advice for travelers:
Always check the domain before clicking anything: read the host name right after https:// up to the first slash, and ignore whatever the rest of the link says. booking.com.example.com and example.com/booking.com are not Booking.com. When in doubt, don’t follow the link at all; log in directly to the official site or app and check the reservation there, or call the property on the number published on its own site. Enable 2FA wherever possible, especially on accounts tied to money or reservations.
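As an added example (not code from the original post), here is a small Python check of the kind a traveller’s browser extension or a support desk tool could run over the links in a message before anyone clicks. It assumes booking.com is the only legitimate domain for Booking.com messages (extend ALLOWED_DOMAINS for other brands). The sample links are constructed for this demo and modelled on the tricks described above; only hostelbility.com comes from the post.

```python
"""Check whether a link really points at the brand it claims to be from.

Added example, not code from the original post. It assumes booking.com is the
only legitimate domain for Booking.com messages (extend ALLOWED_DOMAINS for
other brands). The sample links below are constructed for this demo; only
hostelbility.com comes from the post.
"""
from typing import Optional
from urllib.parse import urlsplit

ALLOWED_DOMAINS = {"booking.com"}


def hostname_of(url: str) -> Optional[str]:
    """Return the normalised host of an http(s) URL, or None if unusable.

    Normalisation: lowercase, userinfo and port removed (urlsplit does this),
    trailing dot stripped, Unicode labels converted to their xn-- form so a
    look-alike character can never compare equal to the ASCII brand name.
    """
    parts = urlsplit(url.strip())
    if parts.scheme not in ("http", "https"):
        return None  # mailto:, javascript:, or a bare 'booking.com/...' with no scheme
    host = parts.hostname
    if not host:
        return None
    host = host.rstrip(".")
    try:
        return host.encode("idna").decode("ascii")
    except UnicodeError:
        return None


def is_trusted_link(url: str, allowed=ALLOWED_DOMAINS) -> bool:
    """True only if the host is an allowed domain or a subdomain of one.

    Matching on the host name defeats the usual tricks: booking.com.evil.tld
    (brand as a subdomain), booking.com@evil.tld (brand in userinfo) and
    evil.tld/booking.com (brand in the path) all resolve to evil.tld here.
    Simplification: ALLOWED_DOMAINS must hold registrable domains; a real
    tool would derive them via the Public Suffix List.
    """
    host = hostname_of(url)
    if host is None:
        return False
    return any(host == d or host.endswith("." + d) for d in allowed)


# Constructed sample links modelled on the tricks the post describes.
SAMPLE_LINKS = [
    "https://secure.booking.com/mybooking/confirm",
    "HTTPS://Booking.COM./help",
    "https://hostelbility.com/verify",
    "https://booking.com.hostelbility.com/verify",
    "https://booking.com@hostelbility.com/verify",
    "https://hostelbility.com/booking.com/verify",
    "https://b\u03bfoking.com/verify",   # Greek omicron in place of 'o'
    "booking.com/verify",               # no scheme: refuse, do not guess
]


def triage(links=SAMPLE_LINKS):
    """Return {url: (host, trusted)} for a batch of links from a message."""
    return {u: (hostname_of(u), is_trusted_link(u)) for u in links}


if __name__ == "__main__":
    for url, (host, ok) in triage().items():
        print(f"{'OK  ' if ok else 'STOP'} {host!s:45} {url}")
```

Only the first two sample links pass; every other one puts the brand somewhere other than the host name, or uses a look-alike character that turns into an xn-- label once normalised. Refusing links without a scheme is deliberate: a check that guesses is a check an attacker can steer.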
Advice for hosts & businesses:
Your Booking.com account is like your reception desk: guard it. Use a strong, unique password, enable 2FA, and treat any “unusual” login or message with suspicion. Never run or install anything because a “CAPTCHA” page told you to; that is exactly how the attacks above got into hotel systems. If a guest reports a strange message sent in your name, assume the account is compromised until you have changed the password, revoked active sessions, and checked the devices that use it.