In the ongoing battle against cyber threats, a new attack tactic is gaining popularity this season — scammers targeting Booking.com clients through the service’s internal messaging system. Operating through compromised hotel accounts on admin.booking.com, cybercriminals employ a multi-stage approach, infecting hotel staff computers with password stealers. These attackers launch targeted email attacks on hotel staff, posing as recent guests seeking assistance, ultimately leading to the theft of login credentials.
Once armed with stolen login information, cybercriminals gain access to hotel accounts on admin.booking.com, paving the way for the exploitation of Booking.com’s internal messaging system. Clients are then targeted with deceptive messages, urging them to rectify apparent payment card errors by providing sensitive information. The scam culminates in the victims landing on fake Booking.com pages, meticulously crafted to extract payment details.
Notably, cybercriminals are specializing in different aspects of this scheme — some collect hacked Booking.com accounts, while others exploit these accounts to deceive hotel clients. Advertisements on underground forums offer substantial sums for logins and passwords from admin.booking.com accounts. This growing criminal trend raises concerns about the increasing vulnerability of hotel accounts on Booking.com, with potential repercussions for both hotels and clients.
For effective protection against the theft of admin.booking.com accounts, cybersecurity measures are crucial. Recommendations include avoiding storing passwords in browsers, opting for secure password managers, installing reliable protection on all business devices, and prioritizing the security of computers used for communication with strangers to mitigate the risk of attacks. As this threat evolves, proactive cybersecurity practices become indispensable in safeguarding both hotel and client interests.
