Booking.com Customers Defrauded of £370k in Sophisticated Phishing Scam, Police Issue Warning

• Scammers have reportedly swindled at least 532 travelers on Booking.com out of £370,000 by hacking into hotel accounts.
• The criminals did not breach Booking.com’s main system; instead, they targeted hotel and accommodation providers, subsequently tricking customers with deceptive emails and messages.

A story by Jerry Lawton details a sophisticated phishing scam impacting customers of the online travel agency Booking.com. It explains that fraudsters have hacked into hotel accounts, impersonating the travel agent and conning at least 532 holidaymakers out of a total of £370,000.

The scammers would communicate with customers who had made reservations, requesting payment and credit card details via emails and messages that appeared to come from Booking.com. Victims who fell for the scam lost money and handed over their personal banking details, leaving them at risk of missing out on their booked holidays.

According to the police, Booking.com’s main system was not breached. Instead, the criminals targeted hotel and accommodation providers who accept bookings via the travel agent. Customers would then receive unexpected emails and messages from a fraudulent Booking.com account linked to hotel reservations.

Booking.com responded to the situation, saying they would never ask customers to share payment information via email, chat, or WhatsApp messages. They further advise customers to report suspicious messages via their customer service team or by clicking on ‘report an issue’ in the chat function and always to verify the authenticity of any communication requesting payment information.

Adam Mercer, deputy head of Action Fraud, also urged individuals who have booked a holiday on the Booking.com platform to stay alert to any unexpected emails or messages from hotels and to contact Booking.com or the organization directly if they’re unsure.