Phishing attacks on the hotel industry are increasing and are centered around the booking.com site. The majority of these attacks appear to stem from phishing launched against unsecured hotel machines that store login details for the site.
According to statista.com, booking.com is the most searched travel site, receiving 550 million visits in September alone.
A recent spear-phishing campaign was launched on booking.com after a California hotel had its credentials stolen.
The phishing messages often reference actual booking details, making them appear much more convincing to the recipient.
In response to the spear-phishing campaign, booking.com has introduced two-factor authentication. However, it is unclear whether this is mandatory for all, as the company still advises users to activate it on their own accounts.
Cybercriminal services have emerged to provide phishing campaigns targeting hotels and other booking.com partners. This includes stealing login details and fraudulent listings on the site.
Intel 471 reported that there is high demand for compromised booking.com accounts belonging to hotels and other partners on numerous cybercrime forums.
Some hackers have used compromised booking.com accounts to promote their own travel agencies amongst other scammers. They have provided amazing discounts for hotel reservations through bulk bookings.
The solution would be better security protocols, and both consumers and businesses should be cautious of emails that appear to be from booking.com.
There needs to be awareness of the impact of phishing, and consideration of the amount of data that is available to cybercriminals.