Phishing Scams Put Hotel Guest Data At Risk

A new phishing campaign is impersonating Booking.com to attack hotels online. Using fake CAPTCHA websites, cyber criminals are tricking hotel and hostel workers into downloading credential-stealing malware.

First identified by leading cyber security firm Malwarebytes, the attack begins with cyber criminals sending a fake Booking.com email to the hotel’s email address. The email is designed to look like a routine reservation confirmation and asks staff to confirm a reservation.

Clicking the link leads to a near-identical replica of the Booking.com login page. At this point, a CAPTCHA screen pops up, asking the user to “prove you’re human.” Although this might seem like a normal security feature, it is part of the criminals’ scam technique.

Unfortunately, the CAPTCHA page doesn’t verify the user’s identity; instead, it copies a malicious command to the victim’s clipboard. Hotel staff are then told to paste and run this command on their Windows system, which installs a Trojan that gives criminal hackers access to the hotel’s network. Once inside, attackers can steal guest information, including booking details, personal data, and payment information.

In some cases, the attacker will deploy ransomware, locking down the booking system until a ransom is paid. Hackers can also sell this stolen data on the Dark Web, potentially affecting thousands of guests.

The best defence against these attacks includes checking the sender’s domain, avoiding suspicious links, logging into Booking.com manually rather than through a link in an email, and never executing copied commands unless certain of their legitimacy.
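The first two checks above (sender domain and link destination) can be automated for mail triage. The following is an added example, not code from the article or from Booking.com; every domain in it other than booking.com is constructed, and it assumes a plain-text message.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED = "booking.com"  # the brand domain named in the article

def is_trusted_host(host):
    """True only for booking.com itself or a genuine subdomain of it."""
    host = (host or "").lower().rstrip(".")
    try:
        host.encode("ascii")          # non-ASCII letters: homograph lookalike
    except UnicodeEncodeError:
        return False
    if any(label.startswith("xn--") for label in host.split(".")):
        return False                  # punycode label: treat as a lookalike
    return host == TRUSTED or host.endswith("." + TRUSTED)

def triage(raw_email):
    """Return findings for a plain-text email; an empty list means no flags."""
    msg = message_from_string(raw_email)
    findings = []
    _display, addr = parseaddr(msg.get("From", ""))  # display name is ignored
    sender_host = addr.rpartition("@")[2]
    if not is_trusted_host(sender_host):
        findings.append(f"sender domain is not {TRUSTED}: {sender_host}")
    for url in re.findall(r"https?://[^\s\"'<>]+", msg.get_payload()):
        host = urlsplit(url).hostname
        if not is_trusted_host(host):
            findings.append(f"link host is not {TRUSTED}: {host}")
    return findings

# Constructed sample: the sender and first link only *start* with booking.com.
SAMPLE = """From: "Booking.com" <reservations@booking.com.confirm-stay.example>
To: frontdesk@hotel.example
Subject: Please confirm reservation

Confirm here: https://booking.com.confirm-stay.example/login
Help: https://www.booking.com/
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

A From header can be forged, so an empty findings list does not prove a message is genuine; it only means these two string-level checks raised no flag.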

To protect against these threats, Booking.com advises hotels to ensure staff are trained to spot phishing attempts. 

Threatdown | Microsoft | Windows Forum | I-HLS | Camino de Santiago | The Record

Image: Ideogram 
