NordVPN cybersecurity expert Adrianus Warmenhoven warned the latest attack on Booking.com would likely result in a spike in phishing emails, fake payment requests and “verification” messages targeting affected users.
“This type of breach is particularly dangerous not because of financial data, but because of context,” he said.
“When attackers gain access to booking details such as names, travel dates, and accommodation information, they can craft highly convincing, personalised scams that are much harder to detect.”
So just how do these travel-based scammers operate, and what can customers do to protect themselves?
Why are hackers targeting travel companies?
Travel-related data is particularly valuable to scammers because of the nature of the information provided, cybersecurity expert Tyler McGee from McAfee told nine.com.au.
“When you look at travel sites compared to other sites, typically people… provide a lot of information when they are purchasing – they’ll provide their credit card details, sometimes their passport information, and all the requirements they would basically need to purchase a plane ticket or book hotel accommodation.
“That’s the type of information that scammers are very, very interested in, because that gives them a good insight into you as an individual.”
Travel data is also especially sensitive because it introduces a time element, explained Warmenhoven.
“Scammers know exactly when you’re due to travel, which makes their messages feel urgent and legitimate – whether it’s a ‘problem with your booking’ or a ‘last-minute payment request’,” he said.
But what do hackers do with my travel data?
Collecting the illicit data is just the first step in a sophisticated multi-layered operation often involving multiple black market businesses.
“This is not a couple of scammers sitting in the garage of their house,” McGee said.
“This is an industry. These are sophisticated businesses.”
Once the data is collected, the hackers will typically sell that information on the dark web to another organisation, such as one specialising in phishing scams.
This organisation can then contact individuals with highly personalised and convincing emails purporting to be from Booking.com, a hotel provider or another travel provider.
“Imagine receiving a message that references your exact stay, dates, and property – it immediately feels legitimate,” Warmenhoven explains.
“This is exactly what cybercriminals rely on.”
The email may request payment to lock in accommodation or state that you’ve been overcharged and request bank details, often including a link to a convincing lookalike website designed to steal your details.
But all will attempt to extract something from you, whether that is a direct payment or credit or bank account details, which can be used for further scams.
How can I detect a phishing scam?
The days when a cursory glance at a generic, grammatically incorrect message from a dubious email address urging you to click through was sufficient to detect a scam are over.
Artificial intelligence is helping scammers craft increasingly convincing emails and even fake websites duplicating those of legitimate organisations, such as Booking.com itself or a hotel company.
“Historically, it was easier to catch out. It was more generic and there were common mistakes – the website didn’t look right or the spelling wasn’t right,” McGee said.
“Typically now with AI that’s easily fixed, so it’s almost foolproof in the information that they are sending to you.”
However, there are still two key checks you can do to weed out any potential scams.
The first is simple: check that the email address is an exact match to that of the legitimate organisation.
If you aren’t sure of the correct email address or still have concerns, the next step is to contact the organisation to verify whether they did, in fact, send the query or payment request.
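The first check, written out as an added example (not code from the article or from Booking.com): it compares the domain of the actual sender address, not the display name, against an exact allowlist. The allowlist contents, the function names and the sample headers are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Assumption: the organisation's real sending domains. Only booking.com is
# named in the article; confirm the actual list with the organisation itself.
TRUSTED_DOMAINS = {"booking.com"}

def sender_domain(from_header):
    """Domain of the actual address in a From header; the display name is ignored."""
    _display_name, address = parseaddr(from_header)
    if address.count("@") != 1:
        return None
    domain = address.rsplit("@", 1)[1].rstrip(".").lower()
    return domain or None

def classify_sender(from_header, trusted=TRUSTED_DOMAINS):
    domain = sender_domain(from_header)
    if domain is None:
        return "unparseable"
    if domain in trusted:
        return "exact-match"
    # Look-alike letters from other alphabets, raw or punycode-encoded
    if not domain.isascii() or any(l.startswith("xn--") for l in domain.split(".")):
        return "homoglyph-risk"
    # A subdomain is not the exact address: confirm with the organisation
    if any(domain.endswith("." + t) for t in trusted):
        return "subdomain-verify"
    # Brand name embedded in a different registered domain
    if any(t.split(".")[0] in domain for t in trusted):
        return "lookalike"
    return "mismatch"

# Constructed sample headers (reserved .example names, not real senders)
SAMPLES = [
    "Booking.com <noreply@booking.com>",
    '"noreply@booking.com" <billing@payments.example>',
    "Booking.com <noreply@booking-com.example>",
    "Booking.com <noreply@booking.com.secure-pay.example>",
    "Booking.com <noreply@b\u043e\u043eking.com>",  # Cyrillic "о" twice
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify_sender(header):18} {header}")
```

An exact match only confirms what the header claims, so the second check, contacting the organisation, still applies to any payment request.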
My travel data has been hacked. How can I protect myself?
As a first step, anyone caught up in the Booking.com data breach should immediately change their login details and passwords, McGee advises.
This should at least prevent hackers from having ongoing access to your account and any new personal data.
Always verify information and make payments through official platforms, not by directly clicking on links inside emails or text messages.
You can also consider installing scam detectors, which can flag suspicious activity, warn when potential scams pop up on your phone or computer and block risky websites if you do inadvertently click on a scam link.
“Then I would just be very, very careful and very suspicious if you’re getting emails or texts asking you to click on links to either get a refund from booking.com or to pay the balance of your trip,” McGee said.
“If you believe you do owe them money for a trip, then maybe just contact them before you actually do the transfer.”