Be careful if you book accommodation on Booking or Airbnb. Both platforms are the subject of a large-scale scam. It is based on a stratagem that is as simple as it is effective: a false payment error message.
Victims receive a seemingly legitimate email or text message, informing them that there was a “problem with the payment of their reservation”. This message, designed to sow panic and encourage rapid action, redirects users to a fraudulent website, an almost perfect clone of the official Booking or Airbnb website.
The level of customization is such that even the most seasoned users can get caught. Telekopye cybercriminals don’t just create generic pages; they use real data, likely obtained through data leaks or by purchasing hacked accounts on criminal forums. Thus, when a victim accesses the fake site, they find precise information about their reservation: arrival and departure dates, price, place of stay. This attention to detail is often enough to silence the last doubts of even the most suspicious users.
Perfect copies
“Scammers mainly target users who have recently made a reservation without immediate payment, or those whose payment is very recent. This method makes the scam particularly difficult to detect, because the information is highly personalized and the sites appear authentic in every way,” explains Radek Jizba, a researcher at Eset, a cybersecurity company that closely follows Telekopye’s activities.
The final objective of this manipulation is, of course, to get victims to re-enter their bank details, under the pretext of “correcting” the fictitious payment problem. Once in possession of this information, scammers can empty bank accounts or make fraudulent purchases with impunity.
What particularly worries cybersecurity experts is the democratization of these scam techniques. Telekopye is not just a group of hackers; it is a real “toolbox” made available to crooks, even those without advanced technical skills. This industrialization of fraud allows criminal networks with thousands of members to operate on a large scale, causing financial damage amounting to millions of euros.
How to avoid getting trapped?
Faced with this threat, vigilance remains the best defense. Experts recommend always checking the site URL before entering sensitive information. A redirect to an address other than the official website should immediately arouse suspicion. It is also essential never to click on links received by email or SMS to access your account; it is better to type the site address directly into your browser.
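The URL check recommended above can be automated, for instance in a mail filter or a help-desk triage script. The following is an added example, not code from the article or from Eset; the two-entry allowlist is an assumption (the platforms also operate other official domains) and the sample URLs are constructed.

```python
from urllib.parse import urlsplit

# Assumption: illustrative allowlist, not an exhaustive list of official domains.
OFFICIAL_DOMAINS = ("booking.com", "airbnb.com")

def check_link(url):
    """Return (ok, reason) for a link received by email or SMS."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return False, "unparseable URL"
    if parts.scheme != "https":
        return False, "not https"
    # "https://booking.com@pay.example/" really points at pay.example.
    if parts.username is not None or parts.password is not None:
        return False, "userinfo before host"
    if not host:
        return False, "no host"
    # Conservative choice: reject any internationalized host, since
    # look-alike characters are invisible to a reader in a hurry.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return False, "internationalized host"
    # Match the END of the hostname, label by label: the official name
    # appearing at the start or in the middle of the host proves nothing.
    for domain in OFFICIAL_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return True, domain
    return False, "host is not an official domain"

# Constructed sample links, as they might appear in a "payment problem" message.
SAMPLES = [
    "https://secure.booking.com/myreservations",
    "https://booking.com.confirm-pay.example/reservation",
    "https://booking.com@pay.example/reservation",
    "https://airbnb-com.example/payment",
    "http://www.airbnb.com/",
]

def triage(urls):
    """Map each URL to its (ok, reason) verdict."""
    return {u: check_link(u) for u in urls}

if __name__ == "__main__":
    for url, (ok, reason) in triage(SAMPLES).items():
        print("OK     " if ok else "SUSPECT", url, "->", reason)
```

A passing result only means the host belongs to an allowlisted domain; it says nothing about whether the message itself is genuine, so typing the address by hand remains the safer habit.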
Booking and Airbnb, for their part, are increasing their warnings to their users. Both platforms insist that they will never ask you to re-enter payment information via a link sent by email or SMS. They encourage their customers to contact their customer service directly if they have any doubts about a message received.
Booking explains
Following the publication of our article, Booking wished to exercise its right of reply. Here is the official statement from Booking following this cyberattack.
“We know that some customers have been affected by scams. This is not a breach of Booking.com’s security systems but coordinated fraud against customers.
As a responsible travel company, we are aware of the consequences of such scams by malicious third parties for our business, our accommodation partners and our customers. We constantly review and strengthen our own security controls, we provide guidance and training to our hosting partners and we regularly remind our customers that they should never share their personal data with our hosting partners and that they should favor payments via our platform, which offers a guided and secure payment process.
We continue to make significant investments to limit the impact of these evolving tactics as much as possible. With the rigorous controls and machine learning capabilities we employ, we are able to detect and block a large majority of suspicious activity before it impacts our partners or customers.
In addition to constantly monitoring and blocking new threats, our dedicated account security team is also implementing new measures to ensure the security of our customers’ and partners’ accounts. For example, if we detect suspicious activity on a hotel account, we act quickly, including immediately disabling the ability to share links through messages on our platform, to prevent fraudulent payment requests. Additionally, we share tips and best practices for protecting themselves and their businesses, as well as the latest information on malware and phishing, with our partners, so they are aware of the latest trends we are seeing.
Given the millions of reservations we facilitate each week, such cases fortunately remain very rare. Nevertheless, we take each case very seriously and, in order to comply with our regulatory obligations, we investigate each incident and provide regular updates on these frauds to the authorities.
If a guest is unsure about a payment message received, we encourage them to check the accommodation’s payment policy, available on the accommodation’s listing page, or to contact us directly. Our customer service is available 24 hours a day, 7 days a week.”
- A wave of sophisticated scams targets Booking and Airbnb users
- Scammers use real booking data to create very convincing scam sites
- Booking and Airbnb have warned their customers but vigilance remains the best defense against these scams