Sample Attack Chain (Source: Cofense)
A sophisticated email scam dubbed "ClickFix" is currently targeting Booking.com users, potentially exposing them to malware and financial risks. The scam leverages realistic-looking emails that mimic genuine Booking.com communications, making it difficult for recipients to distinguish them from legitimate messages.
These fraudulent emails often claim issues with bookings, such as problems with payments or reservation confirmations. They typically include a malicious attachment, a PDF file with names like "Statement_confirmation_BNB.pdf" or similar, which, when opened, infects the user’s system with malware. This malware can steal sensitive information, including login credentials, financial data, and personal details.
Security researchers warn that the ClickFix campaign is particularly dangerous due to its realistic appearance and targeted approach. The emails are well-crafted and often include details scraped from actual Booking.com bookings, making them even more convincing. This increases the likelihood of users clicking on the malicious attachments without suspicion.
To protect themselves, Booking.com users are advised to be extremely cautious when opening emails related to bookings. Always verify the sender’s email address and carefully examine the email’s content for inconsistencies or suspicious language. Avoid clicking on any attachments or links in emails unless you are absolutely certain of their legitimacy. It is also recommended to enable multi-factor authentication (MFA) on your Booking.com account to add an extra layer of security. Report any suspicious emails to Booking.com directly. Staying vigilant and informed is crucial to avoiding falling victim to the ClickFix scam.
Key Points
Read the Complete Article.
Boutique Travel VC raises investment cap from $1.5M to $10M to lead rounds and support portfolio companies through growth Travel...
Read moreDetails
