Microsoft has warned about an ongoing phishing scam impersonating Booking.com.
The phishing campaign sends fake emails from Booking.com with various contents such as guest complaints, account verifications, or requests for information.
The email includes a link or attaches a PDF leading users to a screen with a fake CAPTCHA overlay, instructing them to open Windows Run and download malware.
To protect against such phishing attempts, users are advised to check the sender's email address, be cautious of urgent threats, and hover over links to verify the full URL before clicking.