Online security awareness: Phishing

Updated 3 months ago

As a partner on our platform, you probably have access to a large amount of guest data, including names, addresses, credit card details, and phone numbers.

This means your Extranet account can be a tempting target for cyber criminals and fraudsters, who use a variety of techniques to try to gain access to this valuable data. Phishing is one such technique, and it’s explained in this article. Two other common techniques are malware and social engineering.


Understanding phishing

Phishing is a type of cyber attack carried out by someone pretending to be someone else in order to steal or earn money or data. Phishing is the most common method by which organizational breaches occur.

Phishing attempts are usually aimed at stealing:

  • Guest reservation data
  • Personal info of employees and guests
  • Credit card info
  • Money, by tricking staff or compromising systems

Phishing attacks most commonly target individuals or organizations with valuable data. Accommodation partners like you can become targets because of the type of sensitive and valuable data held on the Extranet. Fraudsters may attempt to mimic our emails in order to phish your username and password for the purposes of taking over your account. These phishing emails can lead to a webpage that looks very similar to the Booking.com Extranet login page – but if you look at the URL address bar, you’ll notice differences. The key to protecting your business is to report these emails to us as soon as you spot them.

If we detect suspicious activity in your Extranet account, we’ll immediately disable the ability for your property to include links in any messages you send your guests via our platform. This is to prevent cybercriminals from impersonating you and exploiting this messaging channel to send fraudulent payment links to guests, particularly in the event of a phishing attack on your property.


Identifying phishing attempts

You probably receive suspicious emails every day. Depending on your email client, these suspicious messages may be flagged or automatically moved to the spam folder, but some may get through. You can spot these by keeping an eye out for:

  • Urgent language
    Phishing emails tend to create a false sense of urgency, such as threats of your Extranet account being suspended, or an urgent email about your financial situation. Fraudsters will always adapt their techniques to make their phishing emails look as legitimate as possible.
     
  • Errors and mistakes
    Keep an eye out for spelling errors or grammatical mistakes. If you spot numerous mistakes, or a mix of different languages in the same email, it’s likely a phishing email. Typically, a phishing email will also be written entirely or partially in a language that doesn’t match your own. You can always check who the real sender is in the “From:” field of your email client, or by checking the address inside the angle brackets (“<” and “>”). Emails from Booking.com should always come from an address ending in “@booking.com” or in a subdomain of booking.com (for example, “@partners.booking.com”). An email address like “support@booking-103266.com” isn’t from Booking.com and is definitely malicious. Don’t interact with such emails – report them as spam instead.

What to do if you suspect a phishing attempt

If you suspect your computer or laptop has been infected with malware, try performing one or more of the following steps:

  • Reset your email account password first, then reset your Booking.com account password. To do this, go to http://admin.booking.com, type in your username, then click “Having trouble signing in?”
  • Scan your device with an updated malware scanner. Not all phishing attacks steal passwords – some deliver a file containing malicious software, such as spyware, ransomware, or a virus. It’s very important to scan your device if you think you’ve clicked on a malicious link or downloaded unrecognized files.
  • Contact us within 24 hours of a suspected or actual phishing attack. This allows us to start securing your business and your guests as quickly as possible. Don’t forget to include all relevant details, such as a copy of the suspicious email you received, or any unrecognized activity in your account. Click here for instructions on how to safely forward a suspicious email as an attachment.

Protecting your organization from phishing attempts

To avoid potential security breaches before they happen, we recommend taking the following proactive steps to protect yourself from fraudsters impersonating Booking.com:

  • Bookmark the correct Extranet link
    Manually type https://admin.booking.com/ into your browser. You’ll see the secure lock icon next to the address. Bookmark this page and use this link to manage your property. Learn more about preventing unauthorized use of your account in this article.
     
  • Double-check email addresses
    Don’t automatically trust the email display name. Check the email address in the “From” header – if it looks suspicious, don’t open the email. Here are a few examples of trusted Booking.com email addresses:

       noreply@booking.com
       noshow@booking.com
       @property.booking.com
       noreply-payments@booking.com
       customer.care@booking.com
       @guest.booking.com
       customer.service@booking.com
       invalid-cc@booking.com
       @mailer.booking.com
       email.campaign@sg.booking.com
       @partners.booking.com

  • Check links
    Check the real destination of a link by hovering your mouse over it—or by tapping and holding the link if you’re on a mobile device—to see where it’ll actually take you if you click it. If the link doesn’t take you to an address ending in “.booking.com,” don’t click it.
  • Report suspicious emails
    Always report suspicious emails to the Booking.com Security team. You can do so by clicking here. Once you’ve reported the email, move it to the trash.
  • Limit the use of tools that grant online anonymity
    We discourage the use of tools that grant online anonymity (e.g. Incognito or other private browsing modes) while navigating the Extranet. This will help us keep you safe.
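
The sender and link checks described above can also be automated, for example in a mail filter. The following is an added example, not Booking.com code: the function names and the sample email body are constructed for illustration, and the rule it applies is the one in this article (the domain must be booking.com or a subdomain of it).

```python
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "booking.com"  # the domain the article names; subdomains count too


def in_trusted_domain(host):
    """True only for booking.com itself or a genuine subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)


def sender_is_trusted(from_header):
    """Ignore the display name and judge only the address inside < >."""
    _display_name, address = parseaddr(from_header)
    if address.count("@") != 1:
        return False
    return in_trusted_domain(address.rsplit("@", 1)[1])


def link_is_trusted(url):
    """Judge a link by its parsed host, not by text that contains the brand."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname
    except ValueError:  # malformed URL: treat as untrusted
        return False
    return parts.scheme in ("http", "https") and in_trusted_domain(host)


class _HrefCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]


def untrusted_links(html_body):
    """Return every link target in an HTML email body that fails the check."""
    collector = _HrefCollector()
    collector.feed(html_body)
    return [h for h in collector.hrefs if not link_is_trusted(h)]


# Constructed sample: the visible text shows the real address, the href does not.
SAMPLE_BODY = (
    '<a href="https://admin.booking.com.login-check.example/">'
    'https://admin.booking.com</a> <a href="https://admin.booking.com/">Extranet</a>'
)
```

Comparing the whole host against the trusted domain, with the leading dot included, is what rejects lookalikes such as “booking-103266.com” and hosts that only start with “admin.booking.com”.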
