SCAM booking.com customers that ask your email and after ask you to click a link
Good morning,
Please investigate and report to legal authorities urgently, since there is a new phishing scam, where the person books the most expensive unit asks for your email, sends emails to your company asking us to open a link, forcing us with a very elaborated and compelling story about the booking being to his mother and the link is a map to see if it is correct since the "mother" is 61 years old and as trouble locating herself.
The credit card provided is invalid, the country flag shows ie. France and language selected is ie. English.
Also note that on the emails sent in a very good level of English, show at the date letters, Cyrillic alphabet letters.
This matter is very serious please take actions since this elaborate scam will be very effective.
Sadly it's not a new scam...
https://partner.booking.com/en-us/community/other-discussions/scams
https://partner.booking.com/en-gb/community/property-management/booking-scam-0
https://partner.booking.com/en-gb/community/hospitality-and-guests/scam-email-request
https://partner.booking.com/en-gb/community/payments-commission-and-invoices/scam-reservation
https://partner.booking.com/en-gb/community/hospitality-and-guests/cancel-fakescam-reservations
Send a message via admin.booking.com > inbox. Copy and paste the message you received from the guest.
BdC really should do something about this.
booking.com really needs to up it´s game and start verifying in some way the validity of their members, this is a very troubling issue when any scammer can register in the website and start making thousands of bookings for phishing scams!
It even shows that they are "Genius" customers from booking.com!
Booking.com please take action since this is a very serious subject.
Interesting the email you received was in Cyrillic. The one we received was in Italian (they were pretending to be from the UK).
You can also report the scam via this link:
https://partner.booking.com/en-gb/help/legal-security/security/report-security-issue.
This is from an email from BdC from February this year:
"An increasing number of our partners globally are being targeted by phishing campaigns. Unfortunately, some of our partners have accidentally compromised their internal systems by clicking the links included in these phishing emails. This has resulted in the unauthorized access of some traveller reservation details, including personal data. While this scenario is a breach of a partner’s system or account, it’s important to note that it is not a compromise of our backend system or infrastructure."
Semantically that may be correct, but who leaves the front door wide open to these phishing campaigns?
Booking.com cannot accept any registration without implementing some form of verification for legitimacy, even worse, this individuals show up as "Genius" (special) booking.com customers.
The Cyrillic letters are very hard to notice (the email was all in English), you are only able to spot Cyrillic letters where his email date shows on the bottom of the email technical details.
All people need to create an account with BdC is a valid email address.
Genius isn't really that special. You get level 1 after completing 2 stays et voila, you're a Genius for life.
There is no verification of ID and/or credit card.
Fake bookings, scams, endless cancellations and unpaid no-shows would be history with safety features in place.
AGREED
Booking.com must be within minimum standard safety, and not blaming partners for clicking links and therefore have breaches of data....All companies like these must have safety mesures against a simple identity verification.
Even worst, if partners forget to select no-show or invalid credit card (since there is no selection for "Invalid SCAM Customer", the partner will pay commission if not aware or busy working in high seasons! Booking.com to gain....!
For booking.com accepting any unverified customer, is a win win situation with no consequences.
This is so scary. Mine booked and sent me a link oh this is a doctors report for allergies her daughter had.
Hello. Recently I also was the victim of this scam. Booking from France, speaking English and having +1 North American number connected with spam. His/her sorry was pretty much dramatic, with some allergies and concerning health of persons mother. They even send me that it can only be opened with compiter. I didn't fall into the trap but only because I have some knowledge about security in ITs. After realizing what is happening I safely downloaded file and it was .bak (Windows and other OS) script which was located at Discord servers. Person said it is a Google maps route which I should check and confirm. It is automatically downloading about 11 more files also located on their servers, and running the last it downloads. I wasn't going further because I don't have time for that. But I tried to reach both Booking and Discord. I wish I didn't. The only thing Booking did was disabling my account and forcing me to change the password, even it was clear my account wasn't compromised, I explained them everything. They seem to care only about things we have in common ("thing that make the world go around"). Other things aren't that important even though the scam is coming from Booking network. Booking has some really good sides, but this one disappointed me. Discord was trying to help but after two days of conversation I got to know that are about some safety team with which I don't know where to start conversation, info is really hard to find. I asked them to guide me how to contact team from above. Hoping to get an answer. Anyway, take care of your digital life and don't open suspicious files especially .bak and other script files. Also if the user is first time Booker you have a greater chance for it to be a scam. I hope this will help to someone because I didn't see much help from those who were supposed to help me.
Booking.com scammers has reached another level today for us.
We received the reservation for January 2024 for 1 night and the payment method is channel collect booking.
But when we test the credit card details, our credit card machine inform us that it is a stolen credit card!
I know it sounds unreal but it is true and we have a video of the card processing showing the stolen card information.
How booking can let such situation happening?
It is very urgent for them to take action to avoid this to other partners.
I Have just received an email asking for confirmation of Birth Date.
Clicked (Not thinking), but realised that there may be a likely issue when it asked for my logins which are already in my password vault.
Can anyone confirm if this is indeed a Scam. - just want to check with the community as well.
Hi xxxx,
Our Terms state that you need to be at least 16 years old to use our Platform. If you're above the age of 16, please update your date of birth before 1 November 2023 to keep access to your account.
If you don't take any action, your account will be blocked until either your age has been updated or you turn 16 years of age.
If you need further assistance with any booking, please contact our Customer Service team.
You should check the link you are clicking. If it is in mail in form of hyperlink (blue text with click ability) you should be able to copy it somehow and check it before going to the site. Also, if you already clicked you see the link in your address bar and in browser you have small padlock next to ot so you can verify that you accessed right destination. Anyway if it is from booking, link has to look something like partner.booking.com, admin.booking.com or similar.