A “rapidly evolving” phishing campaign that impersonates popular travel platform Booking.com is targeting hospitality organisations in the UK, Microsoft has warned.
Microsoft Threat Intelligence said cybercriminals had used a tactic – nicknamed “ClickFix” – to trick businesses into downloading and launching credential-stealing malware since December.
The attackers send convincing Booking.com-themed emails referencing guest reviews and account verification notices, enticing recipients to click through to a fake page that eventually enables cybercriminals to steal payment and personal data.
The theft can potentially lead to fraudulent transactions and reputational harm to the hotels and travel services.
Microsoft said the campaign was now posing a “tangible threat” to UK-based hospitality and travel organisations.
It urged businesses and consumers to contact the service provider directly if they received a suspicious email or message using contact forms…
Boutique Travel VC raises investment cap from $1.5M to $10M to lead rounds and support portfolio companies through growth Travel...
Read moreDetails
![DRC: first eurobond draws massive demand [Business Africa]](https://images.traveltrade.today/wp-content/uploads/2026/04/DRC-Issues-First-Eurobond-Massive-Investor-Demand.jpg)
