Booking.com customers targeted by hackers in WhatsApp and text scam
Numerous hotels and guesthouses on holiday accommodation site Booking.com were targeted by bogus texts alerting victims to a security breach in an attempt to steal hundreds of pounds from customers.
Users were contacted via text and WhatsApp messages claiming payment was needed.
They were easily duped as the messages seemed to contain genuine personal data, including names, addresses, phone numbers, dates and prices of bookings, and reference numbers.
Marketing manager David Watts, 35, of Newcastle, told The Sun: “It looked very believable and I can believe people fell for it.”
Booking.com has said its systems were not compromised, but that the hotels it works with on a separate portal were and customers will be duly compensated.
A spokesperson from Booking.com told Express.co.uk, “Security and the protection of our partner and customer data is a top priority at Booking.com.
“Not only do we handle all personal data in line with the highest technical standards, but we are continuously innovating our processes and systems to ensure robust security on our platform.
“In this case, there has been no compromise on Booking.com systems. A small number of properties have been targeted by phishing emails sent by cyber criminals and by clicking on those emails, the properties compromised their accounts.
“All potentially impacted guests have been notified and because we value our customers at Booking.com, we are supporting impacted guests to compensate for any losses incurred, and reclaim these from the property.
“If customers have any questions regarding their reservation or to report losses, they can contact our customer service team.”
This most recent cyber attack on Booking.com is not the first in the travel industry.
Last month, Ryanair took to their official Twitter account to warn customers about the latest WhatsApp scam which claimed to offer them free tickets for Ryanair flights.
But, as the Ryanair Twitter account pointed out, the budget airliner does not have an official presence on WhatsApp.
WhatsApp advises users sent hoax messages “to block the sender, disregard the message and delete it” and they should “never forward” it.
You can also report the scam to Action Fraud, the UK’s national fraud and cyber crime reporting centre.
In March of this year, Orbitz, a subsidiary of online travel agency Expedia, revealed hackers may have accessed personal information from about 880,000 payment cards from January 2016 to December 2017. TripAdvisor was also hacked and user emails “stolen” in March 2011.
So, how else can you stay safe online when booking holidays online? Here are our top three tips.
Firstly, always pay by credit card. This protects customers thanks to Section 75 of the Consumer Credit Act when paying anything over the value of £100.
Secondly, make sure your holiday is ATOL protected so a problem with the airline or travel firm is covered and travellers can be reimbursed.
And lastly, always have travel insurance as ATOL protection may not apply if choosing flights and hotels separately.