Booking.com, one of the world’s largest online travel agencies, is facing a new scam in which fraudsters attempt to trick hotel guests into sharing their payment card details. As someone who recently booked a hotel room through Booking.com, I almost fell victim to this scam myself. After making my booking, I received a message from the hotel via the Booking.com app, stating that my card had not been verified and that I needed to recheck it within 12 hours to avoid cancellation. The message included a link to a website that appeared to be Booking.com, but was actually a fraudulent domain created just hours earlier. Thankfully, I didn’t fall for the scam, but it’s easy to see how many others could be tricked, especially when in a rush or distracted.
After the incident, I reached out to Booking.com’s security team to report what had happened. Unfortunately, the company did not respond to my email. However, I later received an email from Booking.com, acknowledging the fraudulent behavior and offering advice to customers on how to protect themselves. The email warned against sharing login details, personal or financial information over the phone, email, or instant messaging, and emphasized that Booking.com would never ask for this information. It also recommended changing passwords and checking email addresses thoroughly to ensure they come from official Booking.com sources.
While the advice provided by Booking.com is important, it’s worth noting that the fraudulent messages I received came directly through the Booking.com app and website, as well as via email from a legitimate-looking @booking.com address. This raises questions about how fraudsters are able to use the platform to send these messages and whether there may be a security breach within Booking.com or the hotels themselves.
In conclusion, it is crucial for customers to remain vigilant when booking through online travel agencies like Booking.com. While these platforms offer convenience and ease of use, they are also vulnerable to scams and fraudulent activities. It is advisable to double-check messages received, especially those requesting personal or financial information, and to contact the platform’s customer service directly if in doubt. Additionally, it is important for companies like Booking.com to prioritize cybersecurity and promptly respond to reports of potential scams to protect their customers.