Cybersecurity for accommodation partners
We’re committed to supporting you and taking action on cyber threats and attacks – but we also rely on you to be vigilant. On this page, we’ll guide you through recognizing and reporting suspicious online behavior as well as protecting your Booking.com account.
Reporting suspicious activity
Booking.com respects the privacy of your login details and devices. Our employees will never ask to take control of your computer or phone, request any login info such as your two-factor authentication and/or password, or any other confidential information.
If you are—or think you might be—a victim of a digital security attack on your Booking.com account, report it immediately. When in doubt, leave the phone call, browser, or application.
Protecting your Booking.com account
As a Booking.com accommodation partner, you have access to a lot of guest information. A successful cyberattack can result in loss of personal info and money for you as well as for your guests.
Use the checklist below to keep yourself secure:
- Set up two-factor authentication (2FA) on your Extranet account and use biometric authentication and custom passcodes on your Pulse account.
- Don’t reuse passwords and always choose strong ones.
- Install the latest version of the operating system on your devices.
- Download and install apps from trusted sources.
- Create individual Extranet accounts for yourself and your employees.
Recognizing the signs of a cyberattack
Cybercriminals use a variety of ways to gain—or mislead you into giving them—unauthorized access to data from your digital accounts.
The scenarios below are breaches of a partner’s system or account – not a compromise of our Booking.com backend system or infrastructure.
This occurs when someone pretends to be someone else and persuades you to log in to a fictitious website or click a malicious link to capture your login details.
Learn more about phishing
This technique is used by cybercriminals to trick you into giving them access to sensitive info through direct contact with you.
Learn more about social engineering
This term refers to any malicious software (e.g. viruses, worms, trojan horses, or spyware) installed on a digital device.
Learn more about malware
At Booking.com, securing our traveler and partner data and providing a reliable, resilient service is of paramount importance. We see this not only as a professional obligation, but also as an individual commitment. While we’ll never be able to eliminate all cybersecurity threats, we’ll always consider how they impact you, seek to quickly rectify incidents, and make all necessary improvements. Our mission is to earn, demonstrate, and position trust as a differentiating hallmark of the company.
Chief Security Officer