Since the end of December, cybercriminals have taken control of the interface of the booking platform using targeted phishing techniques. Objective: to extort payment data from Internet users.
Hoteliers and their customers are the target of cyberattacks targeting their interface with the Booking.com reservation platform, alerted Friday the employers’ union of the hotel and catering industry, the GNI, which invites the professional victims to disconnect from the site, to warn their customers and file a complaint. Since the end of December, cybercriminals have taken control of the interface of certain professionals with Booking.comusing targeted phishing techniques and seek to extort payment data from Internet users who have used the platform, alerts the GNI in an email to its members.
These messages invite hoteliers to click on a link that contains a file that infects their PC with viruses that steal passwords allowing hackers to modify the “brand name, (them) contact details, rooms and prices» The establishments. Hackers also pose as the hotel to its customers, making contact either via Booking.com or via WhatsApp, to invite them to click on a link and provide their bank details.
Read alsoWell-being: why these stays will change your life
“We don’t know where the security breach came from, from the hoteliers or from Booking, but the cybercriminal manages to enter the hotelier’s messaging system and recover the information”explained to AFP Véronique Martin, director of the Europe and digital department at the GNI. “Hoteliers must file a complaint and so must customers, which will make it possible to assess the extent of these attacks”she said, specifying that she had “identified a dozen targeted Parisian hoteliers” by these. “But that is definitely only the tip of the iceberg. We must prevent it from spreading throughout France, or even in Europe.says Véronique Martin.
The government platform seized
The Parisian hotelier Fabienne Ardouin, who manages the France Albion and Helussi hotels, has identified “23 cases of phishing customers, five of whom clicked on the link and gave their credit card information to the hackers”she told AFP. “I immediately cut off my connectivity with the site: I no longer have rooms for sale on Booking.com, I have been losing turnover for a week“, says the hotelier who chairs the GNI’s Digital Commission. Alerted, the platform remained silent, she continues: “My account manager just told me that they were still looking“. The GNI seized the cybermalveillance.gouv.fr platform and alerted the Repression of fraud and the Cnil on “the lack of support from Booking.com in this security breach».
For Gérôme Billois, cybersecurity expert at Wavestone, “hacks of this kind on platforms are extremely common”with a “increased quality” of these: “hackers manage to obtain usernames and passwords using very well-made scenarios”. He calls on platforms to “put in place procedures to react very quickly” in the event of a cyberattack. Asked by AFP, the platform claims that “the security flaw does not come from Booking.com” and ensure that “the accounts concerned were quickly locked”and “the travelers potentially concerned had been informed.»
SEE ALSO – Cyberattacks: why are hospitals prime targets?