Hackers have found a new scheme to extract bank details from Internet users. Hoteliers and their customers are the target of cyberattacks aimed at their interface with Booking.com booking platformalert Friday the employers’ association of the hotel and catering industry, the GNI, which invites the professional victims to disconnect from the site, warn their customers and file a complaint.
Since the end of December, cybercriminals have taken control of the interface of certain professionals with Booking.com, using targeted phishing techniques and have sought to extort payment data from Internet users who have used the platform, warns the GNI in an email to its members.
These messages invite hoteliers to click on a link that contains a file infecting their PC with viruses that seize passwords allowing hackers to modify the “brand name, contact details, rooms and prices” of establishments.
A flaw of unknown origin
The hackers also pose as the hotel to its customers, making contact either via Booking.com messaging or via WhatsApp, to invite them to click on a link and provide their bank details.
“We don’t know where the security breach came from, hoteliers or Booking, but the cybercriminal manages to enter the hotelier’s messaging service and recover the information”, explained Véronique Martin, director of the Europe and digital to the GNI.
“Hoteliers must lodge a complaint and so must customers, which will make it possible to assess the extent of these attacks,” she said, adding that she had “identified a dozen Parisian hoteliers targeted by these attacks”. “But that is certainly only the tip of the iceberg. We must prevent it from spreading throughout France, or even in Europe, ”says Véronique Martin.
“I have been losing turnover for a week”
Parisian hotelier Fabienne Ardouin, who manages the France Albion and Helussi hotels, identified “23 cases of phishing among customers, 5 of whom clicked on the link and gave their credit card information to hackers,” she said.
“I immediately cut off my connectivity with the site: I no longer have rooms for sale on Booking.com, I have been losing turnover for a week”, says the hotelier who chairs the Digital Commission of the GNI. Alerted, the platform remained silent, she continues: “My account manager has just told me that they were still looking”.
The GNI seized the cybermalveillance.gouv.fr platform and alerted the Fraud Repression and the Cnil on “the lack of support from Booking.com in this security breach”. For its part, Booking affirms that “the security breach does not come from” the site, ensures that “the accounts concerned were quickly locked”, and that “the travelers potentially concerned have been informed. »