Booking.com website fraud

Booking

The  vital link between Booking.com, Planet Earth’s number One accommodation site and the connection to the hotels has been compromised as hackers stole personal data and used them to con thousands of harmless customers on one of the world’s biggest hotel booking websites. It all started when Booking.com developed a new app for the mobile so that customers can complete their booking from their mobile. It is this mobile app, which was hacked to gain vital personal data.

Booking,com owned by Priceline Group, which dominates the online travel business in Europe, has announced on 14th October 2015, that they are listing 436, 000 hotels for direct booking on Trip Advisor, which means Trip Advisor users will now be able to book more than 828,000 hotels directly, without having to click through third- party site.  Booking.com has over 4, 426, 258 followers on Google+. Last summer Google launched its own direct booking service and Airbnb is expected to corner a substantial amount of business from sites such as Booking.com.

There was a fake call centre operation which had access to personal details including mobile numbers, email addresses and their advance booking date details from around the world.

Booking.com says it is working with the police to tackle the problem. Many foreign visitors to London from China, Japan, South Africa, Israel, India and Bangladesh, were phoned them claiming to be calling from the hotel in which the customer had booked for informing the customer that they will receive an email and if they have any questions they should get in touch with the call centre mentioned in the email. The subsequent e-mail would ask for advance payment for the hotel booking with bank details.

Innocent customers had transferred money this way only to realize they were conned and when they demanded for a reimbursement they were directed to a fraudulent phone line, where the organised hackers had installed staff who posed as Booking.com employees, insisting that the hotels had changed their payment policies.

Some customers sent a payment, only to find their hotel had no record of it when they checked in. Although they have received refunds from the real Booking.com for double payment, and this constitutes a major security breach. According to booking.com over 10, 000 people have been conned. This is similar to Talk-Talk customers being hacked.

Booking.com should bolster cyber security  perhaps like Cyphort’s APT defense approach, which is different than other market solutions.

Naive customers are still being conned as Booking.com’s failure to announce in public that their website is now safe.