It’s been reported that following a hack of online travel agency Booking.com’s email system, customers have been receiving phishing emails asking for their bank card details to avoid cancellation of their hotel booking.
The emails, which have been reported to come from a standard booking.com email address, appear to be targeting customers who have checked-in or are due to check in, and although they vary slightly in content, give customers a limited time (4 to 12 hours) to provide their card details following the fraudulent payment request.
It’s been reported that booking.com denies having its email hacked and blames the breach on partner hotels’ email systems being hacked following phishing attacks. The advice for those who have received the emails and are suspicious is to contact Booking.com’s customer service team, contact the hotel directly, or if payment has been made, to contact their bank.