Overview

• Cybercriminals gained access to Booking.com’s Extranet after a hotel employee opened a phishing email, enabling scammers to intercept and send messages to guests.
• Hotel guests received fraudulent emails mimicking booking alerts that demanded advance payments or sensitive personal information.
• Booking.com reports identifying 250,000 fraudulent messages in its network and maintains that customers who click external links must bear any resulting losses.
• The Hotelverband Deutschland logged more than 100 phishing incidents last year and warns that the Extranet lacks automatic fraud alerts despite two-factor authentication.
• Industry groups recommend that travelers verify booking communications directly with hotels and treat unsolicited payment requests as suspicious.