Warning about AI scam that looks like booking.com
 

Hello,
I thought I should warn Fodorites that there is an AI scam going around that looks like booking.com. Today I received an email from a hotel in Siena, Italy where we have reservations for next May. The email is from the hotel via booking.com. This looks like a very legitimate message from booking.com with their branding, logo, my booking confirmation number, and our reservation dates. However, I was immediately suspicious because the email claims I need to reconfirm my reservation by clicking on a link and giving my personal data again along with my credit card information within 24 hours. It threatens to cancel my reservation if I don't do this. And goes on to say that if I have paid for the hotel, and don't reconfirm, they will cancel and not refund my money. Of course I didn't believe any of this.

I emailed the hotel directly to let them know what is happening. They already know about it, and they reassured me that my reservation is fine.

I know most people here are too smart to fall for this but thought it wouldn't hurt to give a heads up.

Happy travels!
Karen

Sometimes I think the Internet doesn’t have our best interests at heart ❌

Thanks, Karen. This problem has been mentioned here before, but IMO, it's worth reminding people once in a while. And I'm glad you didn't fall for it! The last time there was a thread about it, Christina pointed out that Fodor's had run a story about it:
https://www.fodors.com/news/news/hac...u-need-to-know

There have been several threads over the last year or so about this scam - Later today I'll try to find one or two. It happened to me last year at a HI Express at LHR. The hotel was well aware of it and that many of their guest had received the same e-mails. In the end nothing came of it. Booking was also aware of the issue.

was posting the same time as kja -- I hadn't seen that article before.

Good catch! That does seem odd and suspicious. Always be wary of entering personal info on the internet.

I hadn’t seen the article that kja posted either, until now. I did have a vague memory of someone on Fodors posting awhile ago that the same thing happened to them. I am immediately suspicious when someone asks me to click on a link and provide information especially my credit card information. But I can understand how some people can be tricked because the email very accurately and realistically mimicked booking.com’s emails. It’s the message, of course, that made me suspicious.

It is deeply concerning that the scammers appear to have access to the database/s where the bookings are stored. It’s not a normal phishing email.

Thx for this KW.
I am done. the Nigerian with a Russian accent with a mailing address in Bangalore

dreamon, yes, it is deeply concerning. They have my email address, my name, the name of the hotel, the dates we are checking in and checking out. And my booking.com confirmation number!

I received 2 emails from the hackers. When I didn't respond to the first email, they sent a second email, and that one contained the paragraph stating that if I didn't reconfirm, and if I already paid, they would cancel my reservation and NOT refund me. So, obviously, a ploy to scare me even more.

My understanding is they are hacking the hotel's system, not booking.com's. Please see the Fodor's news article linked above in post # 3. It's a phishing expedition, targeting those who respond by entering the credit card or bank information requested. Your reservation remains safe

That's how I understood it when there were threads here - still haven't found any of the threads -- They were on the Travel Tips forum and/or here on Europe. I spoke to the HIE a couple of times and they indicated it was within their system -- not Booking's., and they were taking action.

Google is your friend.
https://www.fodors.com/community/eur...-hack-1723787/

Again, as I understand it, which could be mistaken .... The nefarious entity in question hacks into a hotel's email and then uses it to send phishing emails. It doesn't actually get anything unless someone actually enters CC or bank info.

I've gotten the message multiple times -- several times in Cambodia, once in Portugal, once while at home booking trips. I've always notified the hotel in question and booking.com using direct channels. I've not had any problems with my reservations or with my CCs or banks as a result.

Ah - my problem was using the Fodors search and looking farther back. I think there was an earlier/longer thread - from early this year or sometime in '23.

Could have been ... but all our reports of personal experiences seem far less relevant to me than the info in the Fodor's News report. Lots of fear-mongering, panicky reactions, etc. Not all that helpful, IMO. Here's the RESEARCHED link again:
https://www.fodors.com/news/news/hac...u-need-to-know

I didn't say whose database they scammers had access to (because I'd no idea whether the hotels or the aggregator). In some ways, if they are accessing the databases of lots of hotels, that's almost worse, especially when those hotels are taking images of your passports and storing them in there as well. I think the only thing you can do is be wary and not be panicked into replying (easier said that done!).

I don't believe there is any evidence that they have accessed hotel databases. Just hacked their emails. Again, I could be wrong. PLEASE look for authoritative information!

I hadn't heard about this scam and I do make reservations via booking.com. Thanks for the warning!

They've gotten into the hotel computers that deal with reservations. Once you're in the computer you tend to have access to everything on the computer.

I think if you signed in to your booking.com account you could find out pretty fast what status your reservations are in.

I make it a habit to NEVER allow companies to store my credit card info, since several times I have received emails from reputable companies informing me that they have been hacked.

This story is a bit concerning though because sometimes hotels that I have booked through booking.com will take full payment at a point several weeks before the reservation is to begin. This could possibly cause confusion in the busy environment in which we receive so many emails every day.