A phishing campaign is impersonating travel agency Booking.com to target employees in the hospitality industry, according to researchers at Microsoft.
The attacks use a social engineering technique called “ClickFix” to trick victims into downloading malware.
“In the ClickFix technique, a threat actor attempts to take advantage of human problem-solving tendencies by displaying fake error messages or prompts that instruct target users to fix issues by copying, pasting, and launching commands that eventually result in the download of malware,” Microsoft explains.
“This need for user interaction could allow an attack to slip through conventional and automated security features. In the case of this phishing campaign, the user is prompted to use a keyboard shortcut to open a Windows Run window, then paste and launch a command that the phishing page adds to the clipboard.”
The phishing emails are designed to create a sense of urgency, referencing negative reviews or asking…
Boutique Travel VC raises investment cap from $1.5M to $10M to lead rounds and support portfolio companies through growth Travel...
Read moreDetails
![DRC: first eurobond draws massive demand [Business Africa]](https://images.traveltrade.today/wp-content/uploads/2026/04/DRC-Issues-First-Eurobond-Massive-Investor-Demand.jpg)
