Booking.com phishing attack: "Reservation messages waiting for you"

Various posts that do not fit in any other category
Santeri
Posts: 316
Joined: 2017-7-5 09:58

Unread post by Santeri » 2023-4-18 19:52

There is an ongoing booking.com phishing attack to steal logins and passwords. Phishing emails are being sent to that contain links to phishing websites that look like booking.com website login page, that saves logins and passwords for the attackers.

Here is how a typical phishing email looks like:
Subject: 1 Reservation messages waiting for you
Sender: Booking.com <info@authenticbotswanatours.com>
Recipient: RECIPIENT_EMAIL_ADDRESS
Confirmation number: 7635467

You have 1 messages waiting for a response

Hi contact,

Looks like you've had new Reservation messages since yesterday. Catch up on your inbox and quickly reply to your guests with the link below.

View messages

© Copyright Booking .com 2023 This e-mail was sent by Booking.com

Right now you’re subscribed to email notifications from Booking.com.

Did you know you can edit your email preferences and also set up automatic replies for certain guest messages?

This email was delivered to: RECIPIENT_EMAIL_ADDRESS

Edit preferences
Emails look like this:
Image If any of the links on the email is clicked, they will lead to this fake website used for stealing logins and passwords:
Image Don't let hackers or booking.com scam you!

Happy travels,

Santeri