eSecurity Planet reported:
Find the original article here.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
Cybercriminals are exploiting hotel booking platforms in a global phishing scheme that tricks guests into paying for reservations twice.
Sekoia analysts traced the campaign back to earlier infostealer infections that infiltrated hotel networks and stole professional credentials.
These stolen credentials granted threat actors access to hotel accounts on booking platforms such as Booking.com and Expedia, enabling them to impersonate legitimate hotel staff and contact guests directly.
Victims were told that a “bank verification issue” required them to reconfirm their payment, often through a phishing link designed to mimic Booking.com’s interface.
The link redirected to a fraudulent payment portal hosted on infrastructure located in Russia and operated by a suspected BulletProof hosting provider.
Sekoia analysts traced the campaign back to earlier infostealer infections that infiltrated hotel networks and stole professional credentials.
These stolen credentials granted threat actors access to hotel accounts on booking platforms such as Booking.com and Expedia, enabling them to impersonate legitimate hotel staff and contact guests directly.
Victims were told that a “bank verification issue” required them to reconfirm their payment, often through a phishing link designed to mimic Booking.com’s interface.
The link redirected to a fraudulent payment portal hosted on infrastructure located in Russia and operated by a suspected BulletProof hosting provider.
Find the original article here.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat