What is phishing?
Phishing is pretending to be someone else in order to steal money or data, or to steal data that can be used to make money. Phishing is the most common method by which organisational breaches occur.
What do they want?
- Guest reservation data
- Personal information of employees and guests
- Credit card information
- To trick staff, compromise systems or steal money
Who is the target of phishing?
Our accommodation partners are targeted by phishing in order to access their extranet system illegally and steal sensitive details.
The typical signs of a phishing email are:
Phishing emails tend to create a false sense of urgency, such as ‘Group reservations, arrival tomorrow’ or ‘Urgent: financial suspension – log in to pay’.
Phishing emails often include spelling errors or grammatical mistakes. If you spot numerous spelling/grammar mistakes, or a mix of different languages in the same email, it’s probably a phishing email.
What does it mean for you?
You probably receive suspicious emails each day that are blocked by email filters – though a few will always get through.
Most recently, we have seen fraudulent attempts to mimic our emails in order to phish your username and password and take over your account.
The key to protecting your business is to report these emails to Booking.com as soon as you spot them.
What can I do to stay safe?
Manually type https://admin.booking.com/ into your browser. You will see a secure lock icon next to the address. Bookmark this page and use this link to manage your property.
Be vigilant. If you see a suspicious email, follow these tips to check and report it:
Check the ‘From’ email address
Don’t trust the display name! Check the email address in the ‘From’ header – if it looks suspicious, don’t open the email.
Examples of trusted email addresses:
Although the sender may differ, the domain will always end in booking.com, as noted above.
“Look but don’t click” – it’s easy to hide the real destination of a link embedded in an email. Hover your mouse over the link (tap and hold on mobile devices) to see where it will really take you. If the link address does not contain https://, don’t click on it!
Always report suspicious emails! Your report helps keep everyone secure.
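For partners whose IT staff want to automate the two checks above, here is an added example (not Booking.com code) that reads a raw email, compares the real ‘From’ address against the booking.com domain, and lists every link whose real destination is not https or not on booking.com. The function names and the sample message are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = "booking.com"  # the page's rule: trusted domains end in booking.com

def trusted(host):
    host = (host or "").lower().rstrip(".")
    return host == TRUSTED or host.endswith("." + TRUSTED)

class Links(HTMLParser):  # collects (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.found, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.found.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_email(raw):  # raw = one email (headers + body); returns a list of warnings
    msg, warnings = message_from_string(raw), []
    display, addr = parseaddr(msg.get("From", ""))
    if not trusted(addr.rpartition("@")[2]):
        warnings.append(f"From: display name {display!r} but address is {addr}")
    html = "".join(p.get_payload(decode=True).decode("utf-8", "replace")
                   for p in msg.walk() if p.get_content_type() == "text/html")
    parser = Links()
    parser.feed(html)
    for href, text in parser.found:
        url = urlsplit(href)
        if url.scheme != "https":
            warnings.append(f"link is not https: {href}")
        if not trusted(url.hostname):
            warnings.append(f"link shows {text!r} but goes to {url.hostname}")
    return warnings

SAMPLE = '''From: "Booking.com Support" <support@booking-partner-help.example>
Subject: Urgent: financial suspension - log in to pay
Content-Type: text/html; charset="utf-8"

<p><a href="http://admin.booking.com.login.example/pay">https://admin.booking.com/</a></p>
'''  # constructed sample message, not a real email
```

Calling `check_email(SAMPLE)` returns three warnings: the ‘From’ address is outside booking.com, the link is not https, and the link text shows the extranet address while the real destination is a different host.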
Report suspicious email
If you spot a suspicious email, don’t just delete it – report it to us first. Forward it as an attachment to email@example.com, then move it to your trash.
Please check this link for instructions on how to safely forward a suspicious email as an attachment.
Oh no, I think I may have been phished! What do I do now?
Follow these steps to secure your account:
- Reset the password on your personal email account. This will ensure that any communication from Booking.com will actually reach you instead of unauthorised third parties.
- Reset your Booking.com extranet account password here.
- Run an updated malicious software scanner. Not all phishing attacks steal passwords – some can have malicious software embedded in a ‘file’ which may be malware, spyware, ransomware, or a virus. It’s very important to scan your device/computer if you think you’ve clicked on a malicious link or downloaded unrecognised files.
- Report it! As you have information which is considered personal (and therefore sensitive), we ask that you contact Booking.com immediately to let us know that your account may have been compromised. You can do so by emailing firstname.lastname@example.org. Don’t forget to attach the headers of the phishing email you originally received.