Safe travels: Protect yourself from the Booking.com scam

February 5th · 8 min read

Rotem Tal - Senior Cybersecurity Expert |Writer & Editor|
Rotem Tal - Senior Cybersecurity Expert |Writer & Editor|

Caught in the net: The Booking.com scam story

Remember the days when planning a trip meant piles of brochures, long waits on the phone, and that giant paper map that refused to fold back correctly? If that scenario doesn’t ring any bells, you're either wonderfully young and were born in an era where such trials are tales of the past - or you've never been on vacation! Yeah, I know I totally aged myself… But anyways, fast forward to today, and it's a whole new ballgame. A few taps on your phone and voilà, your travel plans are set! Booking apps and websites have changed the game, turning trip planning from a chore into something you can do in your PJs. But as per usual, when it comes to online convenience, there are always cybercriminals ruining everyone's fun by exploiting these platforms, for their own gain. Aiming to swipe your cash and destroy your vacay.

In this article, we’re going to unpack a particularly sinister booking scam that’s targeting Booking.com hotels and customers. We’ll give you the low down on red flags you need to look out for before booking your next trip, and obvs, spill the beans on Guardio’s online security and how it can help you avoid these scams altogether. So grab your bathing suit, and let’s dive in.

You worked so hard for your vacation

Don’t let online travel scams ruin it! Protect your bookings and information with Guardio.

The Booking.com scam: What you need to know

Booking.com is a major platform for holiday and trip booking that connects travelers from across the globe to a vast array of accommodation and travel options. Hotels use Booking.com as a third-party platform to craft their digital storefronts and showcase the best of what they offer through enticing photos and detailed listings. Booking.com’s platform is their promotional stage, designed to charm and inform potential guests about unique amenities, luxurious rooms, and exceptional services. It's the go-to spot where hotels from all over the globe can shout out, "Hey, come stay with us!" and travelers can book a room, sort out their payments, and chat it up with their soon-to-be hosts all in one place. It's like a digital meet-and-greet that makes planning your stay as easy as pie.

Mechanics of the scam: How fraudsters operate

In the last few years, Booking.com has been under a negative spotlight as its customers have been speaking up about getting targeted by phishing scams through the platform. Picture finding the perfect getaway on Booking.com: a beachfront resort in Bali offering surfing, snorkeling, and diving, along with endless options to savor delicious cuisine and indulge in refreshing cocktails — you know, your basic dream vacation. So you go ahead and book it for you and your family. The excitement is real, but so is the scam brewing in the background.

You use Booking.com, enter your credit card details, and receive a confirmation email. Sounds legit, right? But under the radar, cybercriminals have cooked up a scheme, tricking hotels, stealing their customer's info, and then reaching out to them with emails that scream, “Pay now or say goodbye to your booking!” It’s clever, it’s crafty, and it’s causing a whole lot of headaches. The hotel is legit, and the Booking.com site is legit, that’s what makes this scam particularly hard to spot. Confused? Don’t worry, we’ll explain!

Family in airport

Let's break it down from the top. Scammers exploiting Booking.com’s digital ecosystem pretend to be a previous guest in a hotel promoted on the platform. They send the hotel a fake cry-for-help email, claiming they’ve left something behind. When the hotel bites and clicks on what they think will show them a picture of a forgotten passport, teddy bear, or phone charger, bam! Malware is automatically installed on their computers giving scammers a backstage pass to the hotel's Booking.com portal and to all of their customer's details. This is where things get real - real dark, that is.

Armed with this stolen data, like names, emails, and travel dates of future hotel guests, scammers craft emails that cleverly masquerade as urgent messages from the hotel via the Booking.com platform. This allows them to reach out directly to unsuspecting future guests, creating a false sense of immediacy and authenticity. These sneaky emails pull out all the stops with social engineering tricks, using a mix of super convincing tones and made-up stories. The emails, masked as official communication, are meticulously crafted, complete with links to reservations and detailed stay information, making them indistinguishable from a legit correspondence. The scammers' message is clear: act fast—within a tight window of four to twelve hours—or face losing the reservation. The sense of urgency is ramped up as these warnings also pop up through the Booking.com app on mobile phones, lending an air of ‘trust’ to the scam.

So how do scammers get into the Booking.com app and send customers these emails? Booking.com denies claims of a system breach, pointing fingers at compromised email systems of their partner hotels. However, the affected hotels insist their systems are secure against such breaches. The truth is that we might never know, but whether the stolen information came from Booking.com or the hotel itself isn’t as important as knowing that these scams exist and learning how to steer clear of them.

Bags packed and ready to go?

Don't let scams ruin your fun! Pack Guardio and ensure all your online bookings are legit.

Real victims, real scams

Booking.com scams aren’t just cautionary tales, they’re a reality for people like Julia Berridge and Kate Wright, who fell victim to a series of sophisticated phishing emails while using Booking.com. Julia, during her stay in Marseille, was tricked into believing an email, complete with her booking details and appearing in her Booking.com app, was legitimate. She ended up catching wind of the scam and canceling her bank card without losing money, but the inconvenience and stress were real. Kate wasn't so fortunate; she was duped into making a duplicate payment and had to battle through disbelief and frustration with Booking.com's customer service to get her money back.

Imagine arriving at a hotel, or even at the airport, buzzing with excitement for the vacation ahead, only to discover your entire holiday was a sham. Your excitement turns to despair as you realize your hard-earned money has vanished into the pockets of fraudsters. No flight, no hotel booking—just money vanished into thin air! And to be honest, it's not just about the loss of money; it's the crushing disappointment, the betrayal, and the disruption of what should have been a joyous getaway. As travelers, awareness and caution are our best defenses against these sophisticated schemes. Plus, arming yourself with a security tool like Guardio can pretty much help you avoid online scams altogether.

Booking scam infographic

Avoiding Booking.com scams: Red flags

To keep your travel plans safe and sound, here's a rundown of red flags to watch out for:

  • Urgency and pressure: Be wary if you're rushed to make decisions or actions, suggesting something might go wrong if you don't act swiftly.

  • Falsifications: Always stay sharp when booking or shopping online, since scammers can skillfully mimic anything from emails to websites. Seeing this as just a red flag underestimates the threat; it's a crucial online safety habit.

  • Suspicious requests: Avoid clicking on links or attachments from unknown sources, especially those requesting money.

  • Direct verification: If you’re unsure of a booking platform, ad, or email, contact the business or platform directly using verified contact details, not those provided in a suspicious message or advertisement.

  • Ad caution: Exercise caution with online ads for holiday bookings; verify the authenticity of advertised services through secure and known channels.

With precautionary measures and these red flags in mind, the next step in defending your online bookings involves a proactive approach. Keeping scam-free is all about staying sharp. Don’t just click on any link that lands in your inbox. Double-check those “urgent” payment requests, and maybe don’t rush to enter your card details at the drop of a hat. And hey, turning on multifactor authentication isn’t just for tech whizzes; it’s for anyone who wants to keep their online life locked down tight. Amongst all these red flags and tips, it’s also important to recognize the importance of cybersecurity tools like Guardio!

Guardio: Your travel companion against scams

When you're planning your next big adventure, the last thing you want is some scam ruining the vibe. Enter Guardio, the digital travel buddy that's all about keeping your online world safe, especially when you're booking that dream trip. It’s like that travel friend who reminds you to put on sunscreen and warns you about that 8th tequila shot…. We all need a friend like that, don’t we? Let's break down how Guardio keeps those scammy Booking.com emails from raining on your parade:

  • Email protection: Guardio's always got your back, scanning your emails to catch anything fishy before it hooks you. It's on the lookout for scammy Booking.com emails, making sure your inbox is as clean as your holiday itinerary.

  • Text filtering: Ever get those texts that just feel off? Guardio's got text filtering that sifts through the noise, ensuring sneaky scam texts don’t mess with your travel plans.

  • Phishing alerts: The moment a phishing attempt tries to bait you with a too-good-to-be-true Booking.com deal, Guardio's alarm bells go off, keeping you one step ahead of the game.

  • Malware block: Stumble upon a dodgy link promising an unbeatable Booking.com offer? Guardio's on it, sniffing out malware before it can unpack in your system.

  • Browser pal: Guardio tightens up your browser, shielding you from the sneaky tricks and traps scammers set up to mimic legitimate websites like Booking.com pages.

  • Social media guardian: And because we know how much planning happens over social media, Guardio extends its protection to your accounts, preventing hijackers from turning your travel excitement into a nightmare.

With Guardio by your side, you can plan, book, and enjoy your travels without the worry of online scams. It's like having a personal bodyguard for your browser, so you can focus on what really matters - making those vacation memories.

Staying Scam-Smart

Booking your next adventure should be all about the excitement, not dodging digital scammers. With Guardio by your side, you’re not just booking; you’re booking smart. Check out Guardio's Security Features and make sure your only surprises are the good kind, like an unexpected room upgrade or finding that hidden beach. Here’s to safe travels and scam-free adventures!

Turn your travel dreams into reality, scam-free!

Escape the scammers, not the destination! Pack Guardio for safe and secure Booking.com experiences.

Be the first to know!

Subscribe to our exclusive mailing list and get the freshest stories from the Guardio team

You may also like