Booking.com has been facing complaints about in-app fraud and scams. Users have reported receiving messages within the Booking.com app that appear to be from their booked hotel, stating that their payment method needs to be verified.
The messages use the same font and language style as the Booking.com app, making them look legitimate.
Users are then directed to a website that looks identical to the Booking.com website and asked to enter their payment details.
While some users have avoided losing money, others have had to cancel their payment cards that were connected to their phone payment system.
Booking.com claims that the scammers entered through the hotel’s legitimate account and conducted phishing attacks, using familiar elements of the app to deceive users.
It is suggested that this is a coordinated effort by attackers to commit fraud against both guests and accommodation partners.
IT security experts have highlighted the sophisticated nature of the scam, with hackers targeting smaller hospitality firms that may not have the same level of security as large platforms like Booking.com.
Customers are advised to exercise caution and verify payment policies before sharing personal details. Booking.com is working to improve security controls and advises customers to contact their customer service team with any concerns or questions about payment messages.
