We are committed to supporting you and taking action on cyber threats and attacks — but we also rely on you to be vigilant. On this page, we’ll guide you through recognising and reporting suspicious online behaviour as well as protecting your Booking.com account.

Reporting suspicious activity

Booking.com respects the privacy of your login details and devices. Our employees will never ask to take control of your computer or mobile phone, request any login information such as your two-factor authentication and/or password, or any other confidential information.

If you are — or suspect you are — a victim of a digital security attack on your Booking.com account, report it immediately.  When in doubt, leave the phone call, browser or application.

Tiago de Almeida, Director Cybersecurity

Tiago de Almeida

Director Cybersecurity

Protecting your Booking.com account

As a Booking.com accommodation partner, you have access to a large amount of guest information. A successful cyberattack can result in loss of personal information and money for you, as well as your guests.


Use the below checklist to keep yourself secure:

Recognising the signs of a cyberattack

Cybercriminals use a variety of ways to gain or otherwise mislead you into giving them unauthorised access to the data from your digital accounts.

The below scenarios are a breach of a partner’s system or account and not a compromise of our Booking.com backend system or infrastructure.

  1. Phishing
    This occurs when someone pretends to be someone else by persuading you to log into a fictitious website or click on a malicious link to capture your login details. 
    Learn more about phishing

  2. Social engineering
    This technique is used by cybercriminals to try to trick you to gain access to sensitive information through direct contact with you.
    Learn more about social engineering

  3. Malware
    This term refers to any malicious software - also referred to as viruses, worms, trojan horses or spyware - that is installed on a digital device.
    Learn more about malware


At Booking.com, securing our traveller and partner data and providing a reliable, resilient service is of paramount importance. We regard this not only as a professional obligation but also as an individual commitment. While we will never be able to eliminate all cybersecurity threats, we will always consider how they impact you and we will seek to swiftly rectify incidents and make all necessary improvements. Our mission is to earn, demonstrate and position trust as a differentiating hallmark of the company.

Spencer Mott
Chief Security Officer


We want partners to feel confident using our platform. In addition to the secure processes we already have in place, through your vigilance and reporting of issues we can work together to minimise these security threats.

Report a threat