Cyberattackers are hitting the digital road, looking to make some virtual stops at various hotels that contract with Booking.com to sell rooms. The idea is to phish the hotels’ backend Booking.com logins, with the aim of taking over the accounts and ultimately harvesting data on the hotels’ customers.
According to an analysis of the campaign from Perception Point, the threat actors are significantly innovating in their tactics by focusing on specific industry practices and relationships to conduct targeted and compelling phishing attacks.
For instance, many of the phishing messages are addressed to hotel managers and claim that former guests are writing scathing reviews of the property online. The emails encourage the hotels to log on and reply to the complaints, and they helpfully contain a “Reply to Complaint” link.
Once duped into clicking, recipients are directed to a fake but very convincing-looking Booking.com website, complete with a believable URL…