Hackers are causing problems for Booking.com customers. These cybercriminals are looking for victims by posting requests for assistance on hidden online forums. They are prepared to pay up to $2,000 for hotel login information to target the people who stay there. These con artists have been duping clients since March and are becoming more cunning with their schemes.
According to a BBC story, research has revealed how these hackers work. Although Booking.com has not been hacked, these thieves are attempting to get access to the systems of individual hotels affiliated with the website. People from the United Kingdom, Indonesia, Singapore, Greece, Italy, Portugal, the United States, and the Netherlands have all complained about falling prey to scams while using Booking.com.
According to cyber-security experts, the hackers dupe hotel workers by posing as past customers who left their passports behind. They send emails with URLs that, instead of displaying passport photographs, install malicious malware on the computers of the personnel. This malicious program then scans the hotel’s networks for access to Booking.com.
Once they have gained access, the hackers may see all of the clients who have reserved hotels or vacations. They then call these consumers using the official app and deceive them into paying money straight to the hackers rather than the hotel.
These hackers are making a lot of money off of this fraud and are now willing to pay other crooks to gain access to other hotel systems. According to Rafe Pilling of Secureworks Counter Threat Unit, this fraud is working exceptionally well for the hackers since the emails appear to be from a reputable source, making it simpler to deceive legitimate consumers.
Lucy Buckley, one of the victims, was fooled into paying £200 to hackers using the Booking.com app. They pretended to be from the Paris hotel where she had a reservation and threatened to cancel it if she did not pay. Fortunately, she retrieved her funds from the bank, but it was later uncovered that her funds had been transferred to an account in Moldova.
Booking.com said it is aware of the problem and is assisting partners in securing their systems and assisting impacted customers in recouping lost monies. Graham Cluley, a cyber-security expert, proposes that Booking.com hotels use additional security measures such as multi-factor authentication to prevent these thieves from logging in unlawfully.
He also advises Booking.com to be extra cautious about conversation links to avoid users falling for freshly created bogus websites aimed at tricking them into completing payments.