Financial Crime World

Warning to Booking.com Users in Belgium: Be Aware of Sophisticated Phishing Scams

Overview

  • Reports of financial scams targeting Booking.com users in the UK
  • Belgian customers urged to be vigilant due to similar phishing scams

Phishing Scams Targeting Booking.com Users in Belgium

Following reports of financial scams in the UK, Belgian residents are being advised to be cautious when using the holiday accommodation platform Booking.com. Hackers have been intercepting and manipulating booking confirmation emails, creating seemingly authentic messages that ask customers to provide their bank card details to secure their reservation.

How the Scam Works

  1. Intercepted and manipulated booking confirmation emails
  2. Deceptive emails contain incorrect payment information
  3. Reservations could be cancelled unless details are provided

Appearance of the Fraudulent Emails

The emails appear to be genuine, containing correct booking information such as dates, accommodation details, and reservation numbers. They come from the no-reply email address used by Booking.com: booking.com@noreply.com.

Investigation and Debate on Responsibility

  • British media coverage of the phishing scam
  • Booking.com denying a hack of their system
  • Suspicion of breaches in email systems of partner hotels

British Media Coverage

The Guardian and Sky News have reported instances of the fraudulent emails sent to customers in the UK.

Booking.com Statement

The company denies a hack of its system and points to weaknesses in the email systems of its partner hotels for the phishing scam.

Debate on Responsibility

There is ongoing debate about the role Booking.com could play in protecting its users from phishing scams.

Prevention and Mitigation

Booking.com Response

The company advises partners on securing email systems against cybercriminals and encourages customers to be cautious and contact the hotel or Booking.com directly to verify any payment requests.

Reporting Scam Messages

Users who receive suspicious emails or messages should report them to the Belgian Cybersecurity Center (CCC) at verdacht@safeonweb.be.

  • Deployment of new AI technology by Telenet and Proximus to block text messages
  • Belgian fraudster sentenced to prison and fined for online scam involvement