Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

One user contacted The Journal about an attempt that was made on the app to scam them. Alamy Stock Photo

Booking.com denies security breach after phishing scam attempt made on its website

The website did not clarify its responsibility in the matter, but detailed a number of mitigation measures it has taken.

BOOKING.COM HAS NOT taken responsibility for a message, which was sent through its own built-in messaging service, which attempted to scam a customer out of their money.

The Journal has learnt of a scam where accounts of real accommodation listings were being used to send messages to customers.

A message sent to one user said the company had updated its financial systems and requested “additional card verification” through a link that was off of the Booking.com platform.

While Booking.com has not accepted responsibility for the hack, it acknowledged that the property owner in question had been “targeted by phishing messages from criminal, external third parties, which in some cases has impacted their own systems”.

The user began filling out a form which was sent to him through the accommodation’s account but luckily noticed that the link was fraudulent before submitting the form with their card details. 

The form said it was to use the card details to take over €600 from the user in a “microtransaction” to confirm the banking information. It also claimed that the money would be returned, however the user recognised it was untrustworthy.

The accommodation management later informed the user, who was staying at the property at the time, that the residence had “been subject to a phishing scam”.

According to the user, the accommodation was “perfect” and believed the management had nothing to do with the attempt to steal his banking information.

Phishing scams are when texts, emails or other digital messages are used by scammers pretending to be a legitimate service in order to steal banking information from victims.

After contacting Booking.com about the attempt, the company claimed it was not responsible for the scam attempt that was made using its own messaging service.

The Journal contacted the company and provided them with the evidence that a phishing scam attempt was taking place on their website and asked the company to clarify its responsibility in the matter.

A spokesperson for the company did not clarify the company’s responsibility but said the user did receive a phishing message last year, “which luckily they did not fall victim to”.

“We can confirm that there has not been a security breach of Booking.com, but we are aware that some of our accommodation partners have been targeted by phishing messages from criminal, external third parties, which in some cases has impacted their own systems,” they added.
Booking.com said it recognised that these types of scams pose a “significant threat to many industries” and have continued to invest in new measures which protect customers and accommodation partners.

“We also have a number of checks in place to verify properties before they are ever allowed to begin welcoming guests, as well as teams dedicated to detecting and blocking suspicious activity around the clock.”

The company said it does, in “very rare” incidents, remove listings from the platform after investigations have been conducted.

It added: “We always advise customers to report any suspicious messages to us via our customer service team, or by clicking on ‘report an issue’, which is included in the chat function, where we also have clear guidance for customers on how to avoid suspicious activity.”

Customers should also check the payment policy details outlined on the property listing page and in the booking confirmation. 

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Close
8 Comments
This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
Leave a Comment
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.

    Leave a commentcancel

     
    JournalTv
    News in 60 seconds