Online Security Awareness: Phishing
What's phishing?
Phishing is pretending to be someone else in order to steal money or data, including data that can be turned into money. Phishing is the most common way that organizational breaches occur.
What do they want?
- Guest reservation data
- Personal info of employees and guests
- Credit card info
- To trick staff, compromise systems, or steal money
Who's the target of phishing?
Practically speaking, anyone with valuable data is a target. At Booking.com, our accommodation partners are targeted by phishing due to the type of sensitive and valuable data held on the Extranet.
Typical signs of a phishing email include:
- Urgency
Phishing emails tend to create a false sense of urgency, such as "Your Extranet Account Is Suspended" or "Urgent: Financial suspension – log in to pay." Scammers will always adapt their techniques in order to make their phishing emails look as legitimate as possible.
- Errors and mistakes
Phishing emails often include spelling errors or grammatical mistakes. If you spot numerous spelling/grammar mistakes or a mix of different languages in the same email, it’s likely a phishing email.
A phishing email is also typically written entirely or partially in a language that doesn’t match your own. You can always check the real sender by looking at the "From:" field in your email client and reading the address inside the angle brackets (“<” and “>”).
Note: A Booking.com email address will always end in “booking.com”, regardless of the subdomain. For example, emails coming from an address like "support@booking-103266.com" aren't from Booking.com and are definitely malicious! Do not interact with such emails, and report them as spam instead.
What does phishing mean for you?
You probably get suspicious emails every day that are blocked by email filters – even though a few will always get through. Depending on your email client, these suspicious messages may be flagged, or automatically moved to the spam folder.
Note: Recently, we've seen scammers attempting to mimic our emails in order to phish your username and password and take over your account. These phishing emails can lead to a webpage that looks very similar to the Booking.com Extranet login page – but if you check the URL bar, you'll notice differences. The key to protecting your business is to report these emails to Booking.com as soon as you spot them.
What can I do to stay safe?
Manually type https://admin.booking.com/ into your browser. You'll see a secure lock icon next to the address. Bookmark this page and use this link to manage your property.
You'll find more info on verifying that a site is safe in How to prevent unauthorized use of your account.
Be vigilant! If you see a suspicious email, follow these tips to check and report it:
- Don’t trust the display name!
Check the email address in the "From" header – if it looks suspicious, don’t open the email.
Note: Here are some examples of trusted Booking.com email addresses:
  - noreply@booking.com
  - noshow@booking.com
  - @property.booking.com
  - noreply-payments@booking.com
  - customer.care@booking.com
  - @guest.booking.com
  - customer.service@booking.com
  - invalid-cc@booking.com
  - @mailer.booking.com
  - email.campaign@sg.booking.com
  - @partners.booking.com
- Check links
It’s easy to hide the real destination of a link once it is embedded in an email, but luckily it’s also easy to double-check and find the real address both on desktop and mobile devices. Just hover your mouse over the link (or tap and hold on mobile devices) to see the real address behind a link.
If the address doesn't take you to an address ending in “.booking.com,” don’t click on it! Always report suspicious emails to the Booking.com security team – your report helps keep everyone secure.
- Report suspicious email
You can do so by clicking here before moving the email to your trash.
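The sender and link checks described above, written out as an added example (it is not Booking.com's own code). The function names and sample messages are constructed for illustration; the match is made on a dot boundary so that a host that merely ends in the letters "booking.com" is not accepted.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "booking.com"  # the domain this page tells you to look for


def is_trusted_host(host):
    """True only for booking.com itself or a real subdomain of it."""
    host = (host or "").strip().rstrip(".").lower()
    # Compare on a label boundary: a bare endswith("booking.com") would
    # also accept unrelated hosts such as "examplebooking.com".
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)


def sender_domain(from_header):
    """Domain of the address inside the angle brackets; the display name is ignored."""
    _display_name, address = parseaddr(from_header)
    _local, at, domain = address.rpartition("@")
    return domain.lower() if at else ""  # no "@" means no usable address


def check_email(from_header, links):
    """Return the reasons a message looks suspicious (empty list = none found)."""
    findings = []
    domain = sender_domain(from_header)
    if not is_trusted_host(domain):
        findings.append(f"sender domain {domain!r} is not under {TRUSTED_DOMAIN}")
    for url in links:
        host = urlsplit(url).hostname  # real destination host, not the link text
        if not is_trusted_host(host):
            findings.append(f"link host {host!r} is not under {TRUSTED_DOMAIN}")
    return findings


# Constructed sample messages (not real mail): (From header, links in the body).
SAMPLES = [
    ('"Booking.com" <noreply@booking.com>', ["https://admin.booking.com/"]),
    ('"Booking.com Support" <support@booking-103266.com>',
     ["https://admin.booking.com.example.net/login"]),
]

if __name__ == "__main__":
    for from_header, links in SAMPLES:
        print(from_header, "->", check_email(from_header, links) or "no findings")
```

An empty result only means no lookalike domain was found: the "From" header can be forged, so a message that passes this check is not proven genuine.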
I think I might have been phished! What do I do now?
Follow these steps to secure your account:
- Reset your email account password first, then your Booking.com account password. To reset your Booking.com account, go to http://admin.booking.com, type in your username, then click "Having trouble signing in?"
- Scan your device with an updated malicious software scanner. Not all phishing attacks steal passwords – some deliver a "file" containing malicious software, which may be malware, spyware, ransomware, or a virus. It's very important to scan your device if you think you clicked on a malicious link or downloaded unrecognized files.
- Report it! Please contact Booking.com immediately to let us know that your account may have been compromised by a phishing attack. To help you and your guests as quickly as possible, your contract with Booking.com requires you to notify us of an actual or suspected account takeover within 24 hours. You can do this by contacting our security team here: Report a security issue
Don’t forget to include all relevant details, such as a copy of the suspicious email you received or any unrecognized activity in your account. Check this link for instructions on safely forwarding a suspicious email as an attachment.