Travel site phishing scam and genealogy site data breach | Avast

Booking.com users get phished

Some unfortunate travelers had their thirst for adventure rewarded with a steaming mug of scam. Users of the popular travel-booking site booking.com received bogus texts directing them to change their passwords “due to a security breach.” A malicious link in the text, if clicked, gave the phishers access to that user’s bookings. A second text then capitalized on the booking data by demanding bank info to “process payment” for the user’s specific trip. Booking.com is part of the hospitality magnate that includes priceline.com, kayak.com, and opentable.com. A spokesperson for the site states their system was not compromised, pointing to select hotel partners as the attack victims. The company claims all impacted guests have been notified and that any damages will be compensated.

Leave a Reply