But the service's own systems remain intact.
According to the latest report from Panda Security, a cybersecurity company, customers of the well-known online booking service Booking.com they are increasingly faced with attacks from scammers. Criminals have developed a sophisticated scheme aimed at stealing data and money.
"Despite the fact that the agency's own systems and networks were not compromised, many customers suffered due to security flaws in partner hotels," the researchers say.
The attack begins with a call to the hotels that the service cooperates with. The attackers ask the reception staff to help them find things that are lost or forgotten in one of the rooms, and then send an email with a link to Google Drive files. The disk allegedly contains photos of lost items. In fact, these files are infected with the Vidar virus, which steals login data from the system. Booking.com.
Through the online booking service, scammers approach real customers and convince them to pay fictitious fees by directing them to fake payment pages or requesting credit card details over the phone.
Experts warn that the following credentials are used: Booking.com they are already distributed in dark markets, where their price reaches $ 2,000 per account. This indicates the high efficiency and danger of the new scheme. The company recommends that travelers do not trust requests for additional payments and contact the hotel directly for confirmation.
Another wake-up call for customers is when they are asked to provide payment information over the phone or via instant messengers," Panda adds in its report. "Legitimate transactions should be carried out through online portals. In addition, it is unlikely that a real hotel will ask to share personal information on the phone or in the messaging app."
According to the latest report from Panda Security, a cybersecurity company, customers of the well-known online booking service Booking.com they are increasingly faced with attacks from scammers. Criminals have developed a sophisticated scheme aimed at stealing data and money.
"Despite the fact that the agency's own systems and networks were not compromised, many customers suffered due to security flaws in partner hotels," the researchers say.
The attack begins with a call to the hotels that the service cooperates with. The attackers ask the reception staff to help them find things that are lost or forgotten in one of the rooms, and then send an email with a link to Google Drive files. The disk allegedly contains photos of lost items. In fact, these files are infected with the Vidar virus, which steals login data from the system. Booking.com.
Through the online booking service, scammers approach real customers and convince them to pay fictitious fees by directing them to fake payment pages or requesting credit card details over the phone.
Experts warn that the following credentials are used: Booking.com they are already distributed in dark markets, where their price reaches $ 2,000 per account. This indicates the high efficiency and danger of the new scheme. The company recommends that travelers do not trust requests for additional payments and contact the hotel directly for confirmation.
Another wake-up call for customers is when they are asked to provide payment information over the phone or via instant messengers," Panda adds in its report. "Legitimate transactions should be carried out through online portals. In addition, it is unlikely that a real hotel will ask to share personal information on the phone or in the messaging app."
