July 3 (Portaltic/EP) –
Scams typical of the summer season have begun to appear, one of them being known as the false hotel reservation, which seeks to steal the victim’s email credentials to access sensitive data and promote new attacks.
In recent years, it has become fashionable to receive a message via email supposedly sent by the well-known Booking platform, in which the user is alerted about his reservation, in order to get him to open a malicious file.
This email is supposedly sent to confirm a reservation made and report the amount to be paid, and attaches a document. If it opens, it requires the password of the Outlook account (Microsoft’s ’email’ service) to be able to read it, while in the background and blurred, it shows what appears to be the Booking logo.
It is likely that in the case of receiving this email, the potential victim does not know anything about said reservation, as ESET mentions, but the urgency of the date on which it is sent and the amount of money are enough to alarm.
In their analysis of the file, the researchers from this cybersecurity firm have verified that it is not actually a PDF file but an HTML extension, which will open in the browser when clicked on.
ESET researchers have identified this ‘phishing’ campaign in both personal and corporate accounts, and its purpose is to gain access to the email account, where users store important data and in the case of companies, compromise confidential information or facilitate further attacks.
OTHER SCAMS BASED ON BOOKING
The popularity of Booking as a travel reservation platform means that its image is at the center of different scams to try to deceive users. In addition to the one already mentioned, there is another that draws attention due to the specific details that it provides for a legitimate reservation.
Specifically, this other scam sends an email to a person who has made a reservation through Booking, including information such as the name of the accommodation, the type of room, the dates and even the total cost or the confirmation number of the reservation. the reserve.
The emails are addressed to the person who made the reservation, identified by their first and last name, and appear too similar to what you might see in a legitimate email from Booking. In some cases they report a problem with the payment process; in others, they urge you to confirm the reservation, by pressing a button that redirects to a web page identical to that of the real portal.
The address from which it is sent does not raise suspicions either. And on some occasions, if the user has included the contact through the telephone number, they can receive a message via WhatsApp about the reservation on behalf of the accommodation.
This attempted stay can be traced back to 2018, the year in which hotels became the target of ‘phishing’ attacks that ended up compromising their systems, and affecting Booking users, despite the fact that the security breach did not occur. on this platform, as the company has already confirmed.
