Online Security Awareness: Phishing

What's phishing?

Phishing is pretending to be someone else in order to steal money or data, or to steal data that can be used to earn money. Phishing is the most common way that organizational breaches occur.


What do they want?

  • Guest reservation data
  • Personal info of employees and guests
  • Credit card info
  • To trick staff, compromise systems or steal money

Who's the target of phishing?

Attackers target our accommodation partners with phishing in order to access their Extranet system illegally and steal sensitive details.

The typical signs of a phishing email are:

Urgent messages

Phishing emails tend to create a false sense of urgency, such as "Group reservations, arrival tomorrow" or "Urgent: financial suspension – log in to pay."

Errors

Phishing emails often include spelling errors or grammatical mistakes. If you spot several spelling/grammar mistakes, or a mix of different languages in the same email, it’s probably a phishing email.


What does it mean for you?

You probably get suspicious emails every day that are blocked by email filters – even though a few will always get through.

Most recently, we've seen fraudulent attempts to copy our emails in order to phish your username and password and take over your account.

The key to protecting your business is to report these emails to Booking.com as soon as you spot them.


What can I do to stay safe?

Manually type https://admin.booking.com/ into your browser. You'll see a secure lock icon next to the address. Bookmark this page and use this link to manage your property.

Be vigilant. If you see a suspicious email, follow these tips to check and report it:

Check the "From" email address

Don’t trust the display name! Check the email address in the "From" header – if it looks suspicious, don’t open the email.

Examples of trusted email addresses:

  • noreply@booking.com
  • @guest.booking.com
  • noshow@booking.com
  • customer.service@booking.com
  • @property.booking.com
  • invalid-cc@booking.com
  • noreply-payments@booking.com
  • @mailer.booking.com
  • customer.care@booking.com
  • email.campaign@sg.booking.com
  • @partners.booking.com

Although the sender might be different, the domain will always end in booking.com, as noted above.

Check links

“Look but don’t click” – it’s easy to hide the real destination of a link embedded in an email. Hover your mouse over the link (tap and hold on mobile devices) to see where it will really take you. If the link address doesn't contain https://, don’t click on it! Always report suspicious emails! Your report helps keep everyone secure.
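
The two checks described above (judge the address in the "From" header rather than the display name, and look at where each link really leads) can also be scripted by a mail administrator. The Python below is an added example, not Booking.com's own code; the function names are chosen for this illustration, the sample headers and links are constructed, and the `.example` hosts are placeholders.

```python
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "booking.com"  # the domain this page says senders end in

def domain_is_trusted(host):
    """True only for booking.com itself or a genuine subdomain of it."""
    # The leading dot matters: a bare endswith("booking.com") would also
    # accept unrelated domains whose names merely end in those letters.
    host = host.lower().rstrip(".")
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)

def from_is_trusted(from_header):
    """Ignore the display name; judge only the address in the header."""
    _display, addr = parseaddr(from_header)
    local, at, host = addr.rpartition("@")
    return bool(local and at) and domain_is_trusted(host)

class _LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def suspicious_links(html_body):
    """Return hrefs that lack https:// or do not lead to booking.com."""
    collector = _LinkCollector()
    collector.feed(html_body)
    return [h for h in collector.hrefs
            if urlsplit(h).scheme != "https"
            or not domain_is_trusted(urlsplit(h).hostname or "")]

# Constructed samples (not real messages); .example hosts are placeholders.
SAMPLE_FROM = [
    '"Booking.com" <noreply@booking.com>',
    '"Booking.com Support" <noreply@booking.com.account-check.example>',
    '"Booking.com" <billing@mail.partner-portal.example>',
]
SAMPLE_BODY = ('<a href="http://admin.booking.com/">Log in</a>'
               '<a href="https://admin.booking.com.verify.example/">Pay</a>'
               '<a href="https://admin.booking.com/">Extranet</a>')

if __name__ == "__main__":
    for header in SAMPLE_FROM:
        print(from_is_trusted(header), header)
    print(suspicious_links(SAMPLE_BODY))
```

A passing result only means the visible address and link targets match the pattern this page describes; a message that fails either check should be reported as described below.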

Report suspicious email

If you spot a suspicious email, don’t just delete it – report it to us first. Forward it as an attachment to report@booking.com, then move it to your trash.

Check this link for instructions on how to safely forward a suspicious email as an attachment.


Oh no, I think I might have been phished! What do I do now?

Follow these steps to secure your account:

  1. Reset the password on your personal email account. This will guarantee that any communication from Booking.com will actually reach you instead of unauthorized third parties.
  2. Reset your Booking.com Extranet account password here.
  3. Run an updated malicious software scanner. Not all phishing attacks steal passwords – some carry malicious software embedded in a "file", which can be malware, spyware, ransomware, or a virus. It’s very important to scan your device/computer if you think you clicked on a malicious link or downloaded unrecognized files.
  4. Report it! Since you have information that's considered personal (and also sensitive), we ask that you contact Booking.com immediately to let us know that your account might have been compromised. You can do so by emailing report@booking.com. Don’t forget to attach the headers of the phishing email you originally received.