Booking.com users are being targeted by yet another phishing campaign designed to steal data, login credentials, and more. Microsoft Threat Intelligence spotted the ongoing attack targeting users and hospitality organizations worldwide, but there are some tell-tale signs.
Microsoft Threat Intelligence first spotted this Booking.com phishing campaign back in December 2024, but it remains active and is claiming victims from numerous countries around the world. The phishing campaign uses a social engineering technique known as ClickFix, which basically tricks users into clicking through error messages to run commands that download malware. Microsoft states:
In the ClickFix technique, a threat actor attempts to take advantage of human problem-solving tendencies by displaying fake error messages or prompts that instruct target users to fix issues by copying,…
Boutique Travel VC raises investment cap from $1.5M to $10M to lead rounds and support portfolio companies through growth Travel...
Read moreDetails
