This season, a new attack scheme is proving very popular with cybercriminals: scamming Booking.com clients through the service’s internal messaging system. To do this, they use compromised hotel accounts on admin.booking.com. Over the past few months, various companies have released studies on incidents of this nature. Here’s a detailed breakdown of how this attack works, and tips on how hotel owners and staff can protect themselves (and their clients).
Infecting hotel staff computers with a password stealer
What we’re dealing with here is a multi-stage attack — B2B2C, if you will. It all starts with infecting hotel computers, but the immediate threat isn’t to the hotel itself — it’s to the clients.