On December 2nd, customers of the travel booking website Booking.com were targeted in a hacking incident, resulting in many customers falling victim to fraud. According to cybersecurity experts, the hackers did not directly attack the Booking.com platform but instead gained access to individual hotel computers to obtain login credentials for Booking.com. They then posed as hotel staff and defrauded customers.
The hackers sent a phishing email to hotel staff claiming that they had stayed at the hotel and left their passport behind. The email included a link that purported to lead to a photo of the passport stored in Google Drive. Once a hotel employee clicked on the phishing link, malware was installed on the computer, allowing the hackers to gain access to the hotel's computer system and automatically search for the information needed to log in to Booking.com. After successfully gaining access to Booking.com's system, the hackers used an official program to send messages to customers with reservations, asking them to pay for their stay in advance.
It has been reported that these fraudulent activities have generated significant profits for the hackers, to the extent that they are offering payments of up to US$2,000 on dark web forums in exchange for access to hotel websites. The victims of this incident include travelers from the United States, United Kingdom, Singapore, Indonesia, Italy, Greece, Portugal, and the Netherlands. Similar phishing scams targeting foreign travelers have also been reported in Japan since May, with at least 68 hotels being targeted.
A spokesperson for Booking.com acknowledged that the breach did not occur on their platform but expressed understanding of the severe consequences suffered by those affected. They pledged to assist their partners in swiftly securing their systems and also facilitate the recovery of lost funds for impacted customers.
To effectively combat this cybersecurity crisis, the Hong Kong China Network Security Association (HKCNSA) advises corporate staff to avoid clicking on links from untrusted sources to prevent the spread of viruses or malware. Additionally, businesses should enhance their employees' awareness of social engineering scams so that staff do not disclose sensitive information or take actions that may endanger security.
In the future, the HKCNSA is committed to promoting the development of cybersecurity technologies and strengthening cooperation and communication with various industries. Together, they aim to protect cybersecurity, advance the cybersecurity industry, and foster progress in this field.