Dark forums are places where hackers advertise what they can do to increase attacks against Booking.com customers. As cybercriminals continue to target hotel guests by offering up to $2,000 for hotel logins, they are offering up to 2,000 dollars for hotel logins. In the event of a phishing attack occurring at Booking.com on November 12, 2023, reports emerged saying the company had confirmed the attack had happened.

It appears from Booking.com's statements, that it appears that hackers have been able to collect information about credit cards from consumers. An online travel agency with its headquarters in Amsterdam, Netherlands, Booking.com has been operating since 1997. 

With over 2.7 million properties worldwide, including more than 400,000 hotels, Booking.com offers reservations for more than 2.7 million properties. There is also the opportunity for owners of motels, apartment units, and resorts to upload their listings to Booking.com. 

Among the largest online travel agencies, Booking.com is also routinely ranked as one of the most popular travel applications that can be downloaded from the mobile web. It is estimated that the revenue generated by Booking.com exceeds $10 billion annually and that the company employs more than 21,600 people. This incident remains a looming problem for Booking.com, and the investigation into the incident continues. 

It is important to note, however, that Booking.com will be required to send out a letter of data breach notification to each individual whose information was compromised as a result of the recent data security incident when it has completed its investigation. There has been a surprising lack of news about the Booking.com cyberattack over the past few days, and more information is expected to become available shortly. Currently, several news outlets are reporting the incident, and Booking.com has only issued a partial statement confirming the incident. 

Various hotel employees received an email from a hacker posing as a traveller that caused the attack, according to these sources. An employee of the hotel clicked on the link that contained a malicious message in the email and caused the hotel’s computer to get infected with a virus. 

Once the virus had been activated, hackers were able to obtain the passwords and login information of hotels through Booking.com. Once the hacker had obtained those passwords and hotel IDs, he sent fake emails posing as a hotel employee to travellers. 

These emails explained how hackers could obtain travellers' credit card information by tricking travellers into entering their information into a fake Booking.com site, where hackers could easily collect travellers' credit card information. 

As of the moment, Booking.com has been in the process of investigating the impact of the phishing attack and has only recently confirmed the phishing attack. Following Booking.com's investigation, it is expected that the company will be required by federal law to send out information breach notices to all affected by the recent data security incident, once it has completed its investigation. 

A victim's letter should include a list of all the personal information that was compromised as part of the phishing attack. To access the targeted hotel’s system, fraudsters need to call the front desk and pretend to be a guest who left a valuable item behind when recently leaving the hotel. As soon as the criminal on the phone has finished speaking to the receptionist at the hotel, he or she then emails the receptionist with a link to a Google Drive file containing the file. 

A data breach notification that targeted victims receive from Booking.com is crucial for them to understand exactly what is at risk and how they can react to it. If those targeted victims have been the victim of fraud or identity theft, or they need legal advice following a possible Booking.com data breach, a data breach lawyer can help them learn more about how to protect themselves from becoming a victim, as well as talk to them about their legal options. In this example, instead of opening a picture of the product in question, the customer service representative opens a Malware file called Vidar Infostealer which steals the billing information of the hotel system and automatically relays it to the fraudsters to gain access to the payment processing system. 

When the bad actors logged into Booking.com with the stolen credentials, they approached hotel guests and requested bogus payments. Rather than sending the victims directly to Booking.com or the actual hotel website to pay, the hackers send them to a spoofed website or take their credit card information over the phone rather than sending them to Booking.com or an actual hotel website. Since guests are unaware they are being scammed because the messages come from legitimate, but unfortunately hacked, accounts of hotels listed on Booking.com, the attack is extremely successful as a result of a highly effective attack.

In an analysis conducted by the security firm, it was discovered that this issue is very widespread and affects hotels and resorts around the world. As a result of these attacks, substantial financial losses can be sustained, and there are still concerns about the potential for data misuse and trust breaches. According to the security team, there may be more than one reason for the Booking.com phishing attack in the future, as a previous InfoStealer campaign that was targeted at hotels and travel agencies may be part of a larger pattern.  

Users are strongly recommended to check URLs thoroughly before clicking, to take caution when making urgent requests, to contact service providers directly to get answers to their questions, to share knowledge about phishing, and to keep an eye out for unauthorized transactions occurring on their accounts.